Chapter 38 – Monitoring and Control Systems
Diane E. (Dione) Levine
Chapter Contents:
38.1 Introduction
38.2 Terminology
38.3 Purpose of Monitoring and Control Systems
38.4 Types of Log File Records
38.4.1 System Boot
38.4.2 System Shutdown
38.4.3 Process Initiation
38.4.4 Process Termination
38.4.5 Session Initiation
38.4.6 Session Termination
38.4.7 Invalid Logon Attempts
38.4.8 File Open
38.4.9 File Close
38.4.10 Invalid File Access Attempts
38.4.11 File I/O
38.4.12 System Console Activity
38.4.13 Network Activity
38.4.14 Resource Utilization
38.4.15 Central Processing Unit
38.4.16 Disk Space
38.4.17 Memory Consumption
38.4.18 System Level versus Job Level
38.5 Analyzing Log Files
38.5.1 Volume Considerations
38.5.2 Archiving Log Files
38.5.3 Platform-Specific Programs for Log-File Analysis
38.5.4 Exception Reports
38.5.5 Artificial Intelligence
38.5.6 Chargeback Systems
38.6 Protecting Log Files Against Alteration
38.6.1 Checksums
38.6.2 Digital Signatures
38.6.3 Encryption
38.6.4 Physically Sequestering Log File Tapes/Cartridges
38.7 Memory Dumps
38.7.1 Diagnostic Utilities
38.7.2 Output to Magnetic Media or Paper
38.7.3 Navigating the Dump Using Exploratory Utilities
38.7.4 Understanding System Tables
38.7.5 Security Considerations for Dump Data
38.8 Summary
38.9 References