The information contained herein is subject to change without notice. The only warranties for HP products and
services are set forth in the express warranty statements accompanying such products and services. Nothing herein
should be construed as constituting an additional warranty. HP shall not be liable for technical or editorial errors
or omissions contained herein.
Microsoft, Windows, and Windows NT are U.S. registered trademarks of Microsoft Corporation.
March 2005 (First Edition)
Part Number 393234-001
HPMA Audit Message Reference
DISCLAIMER
While every reasonable effort has been made to achieve technical
accuracy and completeness, information in this document is subject to
change without notice and does not represent a commitment on the
part of Bycast Inc., or any of its subsidiaries, affiliates, licensors, or
resellers. There are no warranties, express or implied, with respect to
the content of this document.
Features and specifications of Bycast® products are subject to change
without notice.
This manual contains information and images about Bycast Inc., its
fixed content storage systems, and its other products that are protected
by copyright and furnished under terms of a license agreement.
This product includes software developed by the OpenSSL Project for
use in the OpenSSL Toolkit. (http://www.openssl.org/)
The Audit Management System (AMS) service stores audit messages
of grid activity and events to a set of text log files. To enable you to
read and analyze the audit trail, this document provides information
on the structure and content of the text file log.
The objectives of this document are to:
• Describe how to access the current log file and archived logs
• Describe the text file format
• Provide a reference for common audit messages
Currency
The content is current with the AMS service software version 4.6.0, as
included in the HP Medical Archive system release 5.2. To find the
version number of your AMS service software:
1. Using the NMS interface, select an AMS service Overview page.
The version number is reported in the Node Information block.
If you have an earlier version of the AMS service, contact HP Support.
Intended Audience
The content of this guide is intended for administrators responsible for
producing reports of network activity and usage that require analysis
of the audit messages.
You are assumed to have a sound understanding of the nature of
audited activities within the HP Medical Archive system. To use the
text log file, you are assumed to have access to the configured audit
share on the server hosting the AMS service.
References
This document assumes familiarity with many terms related to
computer operations and programming, network communications,
and operating system file operations. There is wide use of acronyms.
To assist you, there is a glossary at the back of this reference (page 65).
Document Structure
HP Medical Archive product guides are generally provided in printed
format. They may also be available in Adobe® Acrobat® PDF (Portable
Document Format).
You may print copies of the PDF editions for internal use but all copies
must be treated as proprietary and confidential; not for general
distribution.
Using this Guide
This guide is comprised of three chapters:
“Audit Message Overview”—Provides a brief overview of the audit
message system and the design of the text log file.
“File and Message Format”—Defines the format of the audit log file
and the format of audit messages, along with details of the common
elements found in all audit messages.
“Message Reference”—Provides supporting information for all audit
messages issued by the system.
Conventions
This guide adheres to conventions for terminology to avoid confusion
or misunderstanding. There are also conventions for typography to
enhance readability and usefulness of the text.
Terminology
There is some room for confusion between common computer
network terminology for “server” and “node” as they are used in
HP Medical Archive products and documents.
A server is usually thought of as a piece of computing hardware that
provides data services to requesting network clients; a resource providing network, computational, and storage services. Within the
context of the HP Medical Archive, a server is an entity hosting one or
more grid services.
Nodes in a network are usually defined as an independent entity with
a unique network identity, running on a resource. In this text, the use
of the phrase “grid node” refers to an addressable entity on the grid
that provides and uses functional services within the grid to perform
one or more tasks. Each grid node has a unique “node ID”. These
include: ADC, CMS and LDR. In the HP Medical Archive User Guide
and other user documents these are referred to as “services”.
In contrast, the HP Medical Archive packages the grid service modules
into “nodes”. Some node packages are required, others are optional.
When used in this context the term appears in uppercase; as in
“ControlNODE”, which usually incorporates the ADC, CMS and SSM
services on one server.
Numerics
Numeric values are presented in decimal unless noted otherwise.
Hexadecimal values in the narrative are noted using the prefix “0x”;
for example: 0x3B. Where sample messages include data as a string of
hexadecimal characters, the prefix only appears if it is included within
the message.
Fonts
To assist you in easily picking out the elements of importance, changes
from the standard font are used:
• Items upon which you act are shown in bold. These include:
  • Sequences of selections from the navigation tree, tabs, and page options, such as: LDR > Configuration > Notifications.
  • Buttons or keys to click or press, such as Apply or <Tab>.
  • Radio buttons or check buttons to enable or disable, such as Save configuration as default.
• Field prompts, names of windows and dialogs, messages, and
other literal text in the interface is shown in sans-serif such as the
LDR State pull down menu, or the Sign In... window.
• Items within the narrative that require emphasis appear in italics.
• Coding samples or interactions with a command terminal are
shown in the fixed space font:
Any italicized portion indicates variable data you provide to meet
your needs.
Keyboard keys that use words or standard abbreviations are shown
within angle brackets, such as <Ctrl> for the control key, <Tab>, <space>, and <Enter>.
Contacts
For general product and company information, refer to the HP web
site at:
www.hp.com
If you cannot find the information you need in this document, there
are several other resources you can use to get more detailed
information:
• The HP website (http://www.hp.com)
• Your nearest HP authorized reseller (for the locations and telephone
numbers of these resellers, refer to the HP website)
As services in the grid perform various activities and process events,
audit messages are generated to retain a record of grid activity. These
messages are processed by the Audit Management System (AMS)
service and stored in the form of text log files. This document provides
information on the structure and content of the text log files to enable
you to read and analyze the audit trail of grid activity.
Audit Message Flow
Audit messages are generated internally by each grid service. All
system services generate audit messages during normal system operation. These messages are sent to the connected AMS services for
processing and storage.
Some grid services can be designated as audit message relay services.
They act as collection points to reduce the need for every service to
send its audit messages to all connected AMS services. Notice in
Figure 1 that each relay service must send messages to all AMS destinations, whereas services can send messages to just one relay service.
Figure 1: Audit Message Flow
Relay services are designated at the time the grid topology is configured. Any grid service (LDR, ADC, CMS, and so on) can be designated
to act as an audit message relay.
Message Retention
Once an audit message is generated, it is stored on the local server of
the originating service until it has been committed to all connected
AMS servers, or a designated audit relay service. The relays in turn
store the message until it is committed at all AMS services. This
process includes a confirmation (positive acknowledgment) to ensure
no messages are lost.
Figure 2: Audit Message Retention
Messages arrive at the AMS and are stored in a queue pending confirmed write to the text log file. Confirmation of the arrival of
messages is sent to the originating service (or audit relay) to permit the
originator to delete its copy of the message.
Only after a message has been committed to storage at the AMS can it
be removed from the queue. This local message buffer at the AMS has
an alarm (AMQS) associated with it, in the event the backlog becomes
unusually large. At times of peak activity, the rate at which audit
messages are arriving may be faster than they can be committed to
storage, causing a temporary backlog that will clear itself when grid
activity declines.
When the text log file on the Admin Node reaches a predefined size, it
is automatically converted to a compressed format and a new text log
file is started. Over very long periods of time, this can result in
consumption of the available storage on the server hosting the AMS
service. Based on the requirements of your enterprise, archive
the older compressed files to some other media (such as DVD-R, or
into the grid itself); otherwise, they will be automatically deleted.
Audit Log File Access
Access to the text log file at the AMS requires you to have an account
and password to access the audit share on the server hosting the AMS
service.
The active log file and any compressed log files are available through
your configured audit share directory.
The active audit log file is named:
audit.log
Archived log files are named using the convention:
YYYY-MM-DD.txt.gz
where the file name includes a date and time stamp (in UTC) when the
file was archived.
To access an archived audit log file:
1. Make a local copy of the file to work with.
2. Decompress the file. This process requires a decompression utility.
We recommend “7-Zip”, which is a free download from:
http://www.7-zip.org/
Access log files as simple text files.
The next chapter provides details of the file’s internal structure and the
syntax of audit messages.
The audit log contains individual audit messages in the following
format:
1. Date and time stamp (local time) the message was processed at the
AMS, followed by the server host name and the string “AMS:”.
2. The message itself, enclosed within square brackets “[]”. The
message structure is discussed in the next section on page 6.
The following is the beginning of a sample log file. Messages are
wrapped within the boundaries shown, ending after the ASQN
attribute and double closing brackets “]]”. The <CR><LF> characters
at the end of each message are not shown.
Feb 12 02:37:34 an1-a-1 AMS:
[AUDT[RSLT(FC32):'DSDN'][AVER(UI32):3][ATYP(FC32):'SYSU'][ATIM(UI64):11081758444743
62][ATID(UI64):9384121014334693630][ANID(UI32):15010119][AMID(FC32):'ARNI'][ASQN(UI
64):0]]
Feb 12 02:37:34 an1-a-1 AMS:
[AUDT[SEID(FC32):'RCON'][CNDR(FC32):'OUTB'][SVIP(UI32):1501][DAIP(IP32):14.1.1.13][
SAIP(IP32):14.1.1.19][CNID(UI64):1716307103][RSLT(FC32):'CRFU'][AVER(UI32):3][ATYP(
FC32):'ETCF'][ATIM(UI64):1108175844660669][ATID(UI64):5503182624165676149][ANID(UI3
2):15010119][AMID(FC32):'RCON'][ASQN(UI64):1]]
Feb 12 02:37:34 an1-a-1 AMS:
[AUDT[SEID(FC32):'RCON'][CNDR(FC32):'OUTB'][SVIP(UI32):1501][DAIP(IP32):14.1.1.15][
SAIP(IP32):14.1.1.19][CNID(UI64):2329159112][RSLT(FC32):'CRFU'][AVER(UI32):3][ATYP(
FC32):'ETCF'][ATIM(UI64):1108175854682710][ATID(UI64):7756750787035320318][ANID(UI3
2):15010119][AMID(FC32):'RCON'][ASQN(UI64):2]]
Audit Message Format
Audit messages exchanged within the grid include some standard
information common to all messages, and specific content for the
event or activity being reported.
Each audit message is logged as a string composed of attribute
elements that are:
• Enclosed in square brackets “[ ]”
• Introduced by the string “AUDT”, indicating an audit message
• Not separated by delimiters (no commas or spaces between attributes)
• Terminated by a carriage return and line feed (<CR><LF>)
Each element includes: an attribute code, data type, and value. It takes
the format:
The data types encountered in the audit messages are:
Table 1: Data Types
Type  Description
UI32  Unsigned long integer (32 bits); it can store the numbers 0–4,294,967,295.
UI64  Unsigned double long integer (64 bits); it can store the numbers 0–18,446,744,073,709,551,615.
FC32  Four Character Constant; a 32-bit unsigned integer value represented as four ASCII characters such as: “ABCD”.
IP32  IP Address; a 32-bit IP address representation.
CSTR  C String; a variable length array of characters.
Event-Specific Data
Following the opening “[AUDT” container that identifies the message
itself, is a series of items specific to each event or action. Chapter 3,
“Message Reference” on page 11 lists attributes commonly used for
tracing grid activity.
Common Elements
After the event-specific information is a set of elements common to all
audit messages:
Table 2: Common Elements of Audit Messages
Code  Type  Description
AVER  UI32  Version—The version of the audit message. As the HP Medical Archive software evolves, new versions of services may incorporate new features in audit reporting. This field enables backward compatibility in the AMS to process messages from older versions of services.
ATYP  FC32  Event Type—A four-character identifier of the event being logged. This governs the “payload” content of the message—the attributes included.
ATIM  UI64  Timestamp—The time the event was generated that triggered the audit message, measured in microseconds since the operating system epoch (00:00:00 UTC on 1 January, 1970). Note that most available tools for converting the timestamp to local date and time are based on milliseconds. Rounding or truncation of the database timestamp may be required.
ATID  UI64  Trace ID—An identifier that is shared by the set of messages that were triggered by a single event.
ANID  UI32  Node ID—The grid node ID assigned to the service that generated the message. Each service is allocated a unique identifier at the time the HP Medical Archive is configured and installed. This ID cannot be changed.
AMID  FC32  Module ID—A four-character identifier of the module ID that generated the message. This indicates the code segment within which the audit message was generated.
ASQN  UI64  Sequence Count—A counter that is incremented for each generated audit message on the grid node (ANID). This counter is reset to zero at service restart. It can be used for consistency checks to ensure that no audit messages have been lost.
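Added example (not part of the original manual, and not HP or Bycast code): a Python sketch that parses audit log lines into attributes, converts ATIM without losing the microseconds, checks ASQN continuity per ANID as Table 2 describes, and picks out SADD and ETAF events from Table 3. The [CODE(TYPE):VALUE] element syntax is inferred from the sample messages above, each message is assumed to occupy one line in the file, and the function names and the last two sample lines are constructed for illustration.

```python
import re
from datetime import datetime, timezone

# Element syntax [CODE(TYPE):VALUE] is inferred from the page's sample messages;
# CSTR quoting is not shown there, so single quotes are assumed.
ELEMENT = re.compile(r"\[(\w{4})\((UI32|UI64|FC32|IP32|CSTR)\):('[^']*'|[^\]]*)\]")
LINE = re.compile(r"^(\w{3} +\d+ [\d:]{8}) (\S+) AMS:\s*(\[AUDT.*\]\])\s*$")
ALERT_TYPES = {"SADD", "ETAF"}  # audit logging turned off, TLS authentication failed

# Lines 1-3 are the page's samples, unwrapped; lines 4-5 are constructed.
SAMPLE_LOG = [
    "Feb 12 02:37:34 an1-a-1 AMS: [AUDT[RSLT(FC32):'DSDN'][AVER(UI32):3][ATYP(FC32):'SYSU'][ATIM(UI64):1108175844474362][ATID(UI64):9384121014334693630][ANID(UI32):15010119][AMID(FC32):'ARNI'][ASQN(UI64):0]]",
    "Feb 12 02:37:34 an1-a-1 AMS: [AUDT[SEID(FC32):'RCON'][CNDR(FC32):'OUTB'][SVIP(UI32):1501][DAIP(IP32):14.1.1.13][SAIP(IP32):14.1.1.19][CNID(UI64):1716307103][RSLT(FC32):'CRFU'][AVER(UI32):3][ATYP(FC32):'ETCF'][ATIM(UI64):1108175844660669][ATID(UI64):5503182624165676149][ANID(UI32):15010119][AMID(FC32):'RCON'][ASQN(UI64):1]]",
    "Feb 12 02:37:34 an1-a-1 AMS: [AUDT[SEID(FC32):'RCON'][CNDR(FC32):'OUTB'][SVIP(UI32):1501][DAIP(IP32):14.1.1.15][SAIP(IP32):14.1.1.19][CNID(UI64):2329159112][RSLT(FC32):'CRFU'][AVER(UI32):3][ATYP(FC32):'ETCF'][ATIM(UI64):1108175854682710][ATID(UI64):7756750787035320318][ANID(UI32):15010119][AMID(FC32):'RCON'][ASQN(UI64):2]]",
    "Feb 12 02:41:10 an1-a-1 AMS: [AUDT[AVER(UI32):3][ATYP(FC32):'SADD'][ATIM(UI64):1108176070000000][ATID(UI64):1][ANID(UI32):15010119][AMID(FC32):'ARNI'][ASQN(UI64):4]]",
    "Feb 12 02:45:00 an1-a-1 AMS: [AUDT[RSLT(FC32):'DSDN'][AVER(UI32):3][ATYP(FC32):'SYSU'][ATIM(UI64):1108176300000000][ATID(UI64):2][ANID(UI32):15010119][AMID(FC32):'ARNI'][ASQN(UI64):0]]",
]

def parse_line(line):
    """Return the attributes of one log line as a dict, or None if it does not match."""
    m = LINE.match(line)
    if not m:
        return None
    msg = {"_logged": m.group(1), "_host": m.group(2)}
    for code, typ, raw in ELEMENT.findall(m.group(3)):
        msg[code] = int(raw) if typ in ("UI32", "UI64") else raw.strip("'")
    return msg

def event_time(msg):
    """ATIM is microseconds since the epoch; split it so no precision is lost."""
    secs, micros = divmod(msg["ATIM"], 1_000_000)
    return datetime.fromtimestamp(secs, tz=timezone.utc).replace(microsecond=micros)

def sequence_findings(messages):
    """Check ASQN continuity per node (ANID), taking messages in file order."""
    last, findings = {}, []
    for msg in messages:
        anid, asqn = msg["ANID"], msg["ASQN"]
        if anid in last:
            expected = last[anid] + 1
            if asqn == 0:  # the counter is reset to zero at service restart
                findings.append(("restart", anid, expected, asqn))
            elif asqn != expected:
                findings.append(("gap", anid, expected, asqn))
        last[anid] = asqn
    return findings

def security_events(messages):
    """Messages whose event type (ATYP) is in ALERT_TYPES."""
    return [m for m in messages if m.get("ATYP") in ALERT_TYPES]

if __name__ == "__main__":
    msgs = [m for m in map(parse_line, SAMPLE_LOG) if m]
    print(sequence_findings(msgs), [(event_time(m).isoformat(), m["ATYP"]) for m in security_events(msgs)])
```

A restart finding only shows that the counter went back to zero; messages generated just before the restart cannot be accounted for from ASQN alone.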
Message Reference
A comprehensive listing of generated
audit messages.
This chapter provides detailed descriptions of the attributes reported
in all audit messages issued by the system.
Messages are listed alphabetically to facilitate referencing the content
for a specific message of interest. To reference related messages for a
given class of activity, use the tables in the subsections below.
System Audit Messages
This group of messages is for events related to:
• The auditing system itself
• Grid node states
• Grid-wide task activity (Grid Tasks)
• Service backup operations
• File System Gateway (FSG) replications
Table 3: System Audit Messages
Code  Description
ETCA  TCP/IP Connection Establish—An incoming or outgoing TCP/IP connection was successfully established.
ETCC  TCP/IP Connection Close—An established connection has been closed by either side of the connection (normally or abnormally).
ETCF  TCP/IP Connection Fail—An outgoing connection attempt failed at the lowest level, due to communication problems.
SADD  Security Audit Disable—Audit message logging has been turned off.
SADE  Security Audit Enable—Audit message logging has been turned on.
ETAF  Security Authentication Failed—A connection attempt using Transport Layer Security (TLS) has failed.
SYSU  Node Start—An HP Medical Archive grid service started; the nature of the previous shutdown is indicated in the message.
SYSD  Node Stop—An HP Medical Archive grid service has been gracefully stopped.
TSTC  Grid Task State Change—A grid task has been added, started, paused, canceled, or completed.
TSGC  Grid Task Stage Change—The stage of a grid task has changed.
TACB  Grid Task Action Begin—A grid task action has begun.
TACE  Grid Task Action End—A grid task action has completed.
BKSB  Backup Store Begin—A service has begun a backup operation.
BKSE  Backup Store End—A service has completed a backup operation.
RPSB  Replication Session Begin—A service has begun a replication operation to a secondary service.
RPSE  Replication Session End—A service has completed a replication operation to a secondary service.
Object Audit Messages
Object audit messages represent events related to the storage and management of objects within the grid. These include:
• Object storage/retrieval
• Node-to-node transfer
• Verification
Table 4: Object Audit Messages
Code  Description
CBSB  Object Send Begin—The source entity initiated a node-to-node data transfer operation on a single piece of content.
CBSE  Object Send End—The source entity completed a node-to-node data transfer operation.
CBRB  Object Receive Begin—The destination entity initiated a node-to-node data transfer operation on a single piece of content.
CBRE  Object Receive End—The destination entity completed a node-to-node data transfer operation.
SCMT  Object Store Commit—A content block was completely stored and verified, and can now be requested.