Recording audit data for system operation commands

The system operation commands are described in System operation commands). Such commands are not recorded in the user audit table, but you can specify that FTM SWIFT is to record audit data for these commands and their responses in the message audit table.

Audit data for such commands and their responses is recorded by the DniSysOp node. You can retrieve the system operation commands by selecting all audit data that has the value DniSysOp in column AM_NODE. For more information, see Retrieving data from an audit log.

For each command that is issued, two audit entries are written, one for the command and one for the response. To correlate a request with its response, use the message ID stored in the AM_MSG_ID column in the message audit table. This message ID is identical for both.

Whether audit data is to be recorded for system operation commands is determined by the value of the Audit attribute of the CO DniSysOpParameter for SYSOU. For example, for instance INST1:

Start the CLI for the instance INST1, OU SYSOU, and service DNI_SYSADM.
Enter the following command on a single line after the INST1.SYSOU.DNI_SYSADM> prompt:
- To activate the recording of audit data for all DNI_SYSOP commands:
```
add -ou SYSOU -ct DniSysOpParameter -co DniSysOpParameter
    -attr Audit -val all
```
- To deactivate the recording of audit data for all DNI_SYSOP commands:
```
add -ou SYSOU -ct DniSysOpParameter -co DniSysOpParameter
    -attr Audit -val none
```
Commit, approve, and deploy the changes for SYSOU:
```
com -ou SYSOU
app -ou SYSOU
dep -ou SYSOU
```
Note: If dual authorization is enabled, another user with the appropriate access rights must approve the changes before they can be deployed. Otherwise you can immediately deploy them.