Summary information |
|
|---|---|
Default value |
1 |
Range of values |
0–1 |
Status |
Dynamic |
Display level |
Intermediate |
Required role |
System Security Officer |
suspend audit when device full determines what Adaptive Server does when an audit device becomes completely full.
If you have two or more audit tables, each on a separate
device other than the master device, and you have a threshold procedure
for each audit table segment, the audit devices should never become
full. Only if a threshold procedure is not functioning properly
would the “full” condition occur.
Choose one of these values:
0 – truncates the next audit table and starts using it as the current audit table when the current audit table becomes full. If you set the parameter to 0, you ensure that the audit process is never suspended. However, you incur the risk that older audit records will get lost if they have not been archived.
1 – suspends the audit process and all user processes that cause an auditable event. To resume normal operation, the System Security Officer must log in and set up an empty table as the current audit table. During this period, the System Security Officer is exempt from normal auditing. If the System Security Officer’s actions would generate audit records under normal operation, Adaptive Server sends an error message and information about the event to the error log.
To run in the evaluated configuration, set this parameter to 1. See evaluated configuration in the Adaptive Server Glossary for more information.
