XIsso - Windows interface for audit, default account parameters, and device assignments (Enhanced Security)
The functions performed with the XIsso program have been moved to other GUIs. The XIsso program in this release is an interface to the old /usr/tcb/bin/dxaccounts program. Support for XIsso will be discontinued after this release.
Use the /usr/tcb/bin/dxaudit program to perform the audit functions documented in this reference page. The dxaudit program can be run in the default CDE (Common Desktop Environment) as well as the optional DECwindows environment. See the dxaudit(8X) reference page for more information.
The account functions documented in this reference page are performed in CDE using the Account Manager program found under Application Manager --> System Management Utilities. See the Account Manager's online help for more information.
If you are using the DECwindows environment, use the new /usr/bin/X11/dxaccounts program (this is actually the Account Manager) to perform the accounts functions documented in this reference page. See the dxaccounts(8X) reference page and the Account Manager's online help for more information.
Use the /usr/tcb/bin/dxdevices program to perform the device functions documented in this reference page. The dxdevices program can be run in the default CDE (Common Desktop Environment) as well as the optional DECwindows environment. See the dxdevices(8X) reference page for more information. The XIsso program is a windowed interface that provides the capabilities to administer the audit, default account parameters, and device subsystems (the Information System Security Officer role functions). To use the XIsso program you need to log in as root.
This screen allows the administrator to create, modify, or delete selection files. Selection files contain parameters that indicate how audit records are selected from the raw audit trail during report generation. The selection parameters include things like time interval, audit events, and user ID. Any audit record matching the selection criteria is displayed. This screen allows the administrator to create, modify, or delete deselection files. A deselection file consists of tuples. The tuple is comprised of a host, audit ID, real UID, event, file pathname, and access mode. A deselection file can be used to further reduce audit records when generating reports. It can be used in combination with a selection file. Any audit record matching the deselection criteria is filtered out from the report stream. This screen allows the administrator to view an audit report. A selection file, a deselection file, and an audit log can be selected to generate a report. Output options include generating a report to a file, to a series of files sorted by audit ID, to a window on the screen, or if audit is currently enabled, to follow the current activity. Report records can be in brief format or long format. If in brief format, the administrator can double click on the record and get a pop-up of the long format.
The functions supported by the main Accounts menu are as follows: Allows you to select a non-ISSO account and to modify the account parameters. These parameters override any system-wide defaults that you have specified. You can select
the groups that the user can belong to, the login control parameters, the audit events, and the password parameters. Allows you to modify any user account template. Account templates can be created to specify account attributes for many user accounts. The system default template, SYS_DFLT, is always present.
The functions supported by the main Devices menu are as follows: Allows you to select a device and to create or modify the device parameters. These parameters override any system-wide defaults that you have specified. Currently terminals can be added to your secure configuration. (Printers and removable devices can be added or modified with the XIsso interface, but the operating system only deals with terminals.) Allows you to specify the system-wide default device control parameters.
If the Brief Report mode is selected, less data is available because XIsso stores both the brief and the full records to expand a brief format into a long format. This memory is freed after each report is finished, so it is not a cumulative amount.
Commands:dxaccounts(8X), dxaudit(8X), dxdevices(8X), auditd(8), audgen(8), audit_setup(8), audit_tool(8), auditmask(8), secsetup(8), XSysAdmin(8)
Security delim off