Glossary

ACL (Access Control List)

A list of the services available on a server. Also listed are the hosts permitted to use each service.

administrative tool

The user interface in which product configuration and management tasks are performed. For Novell® Nsure™ Audit, the administrative tool is iManager.

alert

An audible or visual alarm (such as a phone call, instant message, page, siren, flashing light, e-mail, etc.) intended to inform a system’s users and administrators about a policy violation, a change in the operating conditions of a system, or some kind of error condition.

Audit policy

A policy that determines which events should be logged to the data store and how those events should be monitored.

auditing service

A distributed service that aggregates events from many sources and provides monitoring, logging, and reporting to facilitate analysis of the collected data. This is the “engine” of the product.

central data store

The data store that contains every event logged to the system. Novell Nsure Audit logs all events to the central data store before any other action is performed.

channels

The communication paths that Novell Nsure Audit uses to log system events and provide event notification.

channel object

Objects used to store the information the logging server needs to use a certain channel. For example, MySQL Channel objects include the IP address or host name of the MySQL database server, a username and password to connect to the server, the database and table names, and other relevant information. SMTP Channel objects, on the other hand, include the IP address or host name of the SMTP server, a username and password, and message information (the message recipients, sender, subject, and body).

event

Data provided to the Auditing Service to be logged. This includes any significant occurrence in the system or its logging applications such as starting and stopping services, logging users on and off, accessing resources, granting access rights, and so forth.

event collection

The process of gathering events and storing them in the central data store and filtered data stores.

event log

A collection of audit entries that make up an audit trail. Also, the destination file for audit entries or logged events.

event store

A generic reference to any collection of one or more event logs in a directory or database.

forensics

A general term referring to the preservation, identification, extraction, and documentation of computer evidence from relevant logging applications.

instrument

The process of configuring an application's events so they conform to the Novell Nsure Audit standardized event structure.

instrumentation

A logging application that can report events to Novell Nsure Audit. Logging applications must report events using the Novell Nsure Audit program's standardized event structure.

log entry

A recording of a system event in a log file, typically in a standard text or marked-up text format such as TXT, XML, and so forth.

log level

A mandatory component of an event that contains a descriptive severity level of the event. Log levels are 8 bits.

logging

Persistent storage of historical data.

logging application

A generic term used to refer to any application that logs events to Novell Nsure Audit for the purpose of leveraging its auditing, reporting, monitoring, or notification services.

logging application certificate

The certificate at the logging application. Logging application certificates must be signed by the logging server certificate. This is done using the AudCGen utility.

logging server certificate

The certificate at the logging server.

monitor

A user interface or a collection of user interfaces for viewing the real-time status of one or more aspects of a system or set of systems. A monitor can refer to a single gauge or a cluster of gauges. See named view.

monitoring

The act of viewing data in real time. The data is exposed through a program or set of programs used to oversee computer-based systems and networks for the purpose of tracking usage or identifying, reporting on, and solving problems at the earliest possible stage. Typically, different tools are used to monitor individual system components, although the individual monitors might feed information to a higher-level monitor in order to encompass an entire computing environment.

named view

A view of a set of one or more monitors that has been named and saved, and can be configured and deployed to a specific user or set of users based on their role in the organization. For example, if an administrator wanted a specific set of users to see how many new users were added to an HR application, the monitor for the HR application could be placed in a view named “New Employees.” Rights to access these named views can then be managed based on roles.

non-repudiation

Unforgeable evidence that a specific action occurred.

This differs slightly from the traditional legal meaning of non-repudiation, which refers to the irrefutable genuineness of a traditional signature. Non-repudiation services typically include non-repudiation of origin, non-repudiation of delivery, non-repudiation of receipt, and non-repudiation of submission. The purpose of non-repudiation, in conformance with ISO/IEC 13888-1, -2 and -3, is to provide verifiable proof or evidence recording of data, based on cryptographic check values generated by using symmetric or asymmetric cryptographic techniques.

Non-repudiation of approval service provides proof of who is responsible for approval of the content of a message.

Non-repudiation of sending service provides proof of who sent a message.

Non-repudiation of origin service is a combination of approval and sending services.

Non-repudiation of submission service provides proof that a delivery authority has accepted a message for transmission.

Non-repudiation of transport service provides proof for the message originator that a delivery authority has given the message to the intended recipient.

Non-repudiation of receipt service provides proof that the recipient received a message.

Non-repudiation of knowledge service provides proof that the recipient recognized the content of a received message.

Non-repudiation of delivery service is a combination of receipt and knowledge services. It provides proof that the recipient received and recognized the content of a message.

notification

An automatically generated announcement or message intended to inform a system’s users and/or administrators about a specific condition of the system.

payload

Application-specific event data that logging applications can include in their event structure, allowing Novell Nsure Audit to log more specific data.

Platform Agent

The operating system-level agent that handles event transport between logging applications and the Secure Logging server.

policy

An organization's rules governing event logging, the data store, event notifications, reset actions, and so forth, or the implementation of these rules. Policy is usually something that is written down, such as in an operations manual. Policy is often enforced through a defined set of rules.

query results

The events returned from a data query. The information is presented in a data table; rows represent individual records and columns represent fields within those records.

query

A request for specific information from the data store. In Novell Nsure Audit, queries are made using the SQL query language.

report

A Crystal Decisions Report (*.rpt). Reports can graphically represent log data in pie charts, bar charts, and so forth.

resource

A specified right, privilege, or item that can be granted to or revoked from a user.

role

A function or position with associated rights and privileges dictating the operations a user is permitted to perform. Multiple roles can be assigned to one user.

rule

Repeatable process steps that are performed in a defined order, and result in the application of a policy.

secure auditing

An auditing service in which the logged data and functioning are defensible in a court of law.

threshold

A specified point that, when exceeded, begins producing a specified effect or result.

trigger

An act that sets in motion some course of occurrences. For example, an event that is found to be incongruent with business policy can be an impetus for action such as a notification or value reset.

UTC

Coordinated Universal Time, also known as Universal Time. UTC is kept within 0.9 seconds of GMT with leap seconds that are added to or omitted from official timekeeping systems annually to compensate for changes in the rotation of the earth.

The abbreviation UTC is a language-independent international abbreviation which is neither English nor French. It means both “Coordinated Universal Time” and “Temps Universel Coordonné.”