Disabling resource access events

You can use protected object policies (POPs) to selectively disable auditing of access to particular resources.

Procedure

  • Disable generating audit records.
    If a POP with the audithttp extended attribute set to no is attached to a resource, access to that resource does not generate an HTTP access audit record. For example, if access to the /images subdirectory is not of sufficient interest to merit an audit record, you can disable audit records by using the following commands:
    pdadmin sec_master> pop create nohttpaudit
    pdadmin sec_master> pop modify nohttpaudit set attribute audithttp no
    pdadmin sec_master> pop attach /WebSEAL/server/images nohttpaudit

    After you attach the nohttpaudit POP to the /images subdirectory, access to files under this directory no longer generates an audit event.

  • Enable generating audit records.
    If a specific resource under a location where auditing is disabled must still be audited, you can re-enable auditing for that resource. To do so, attach a second POP that does not have the audithttp attribute to the resource itself. For example, suppose that the special.jpg file in the /images subdirectory must be audited. You can enable audit records for the file with the following commands:
    pdadmin sec_master> pop create restorehttpaudit
    pdadmin sec_master> pop attach /WebSEAL/server/images/special.jpg restorehttpaudit
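
The following is an added example, not IBM code or part of the product. It models the two attachments from the procedure to show which resources end up without HTTP access audit records, which is the list to review when you look for gaps in audit coverage. It assumes that an object with no POP of its own takes the POP attached to its nearest ancestor; the function names and sample object paths are constructed for illustration.

```python
# Constructed model of the POPs and attachments created in the procedure above.
POPS = {
    "nohttpaudit": {"audithttp": "no"},
    "restorehttpaudit": {},  # created without the audithttp attribute
}
ATTACHMENTS = {
    "/WebSEAL/server/images": "nohttpaudit",
    "/WebSEAL/server/images/special.jpg": "restorehttpaudit",
}


def effective_pop(obj, attachments=ATTACHMENTS):
    """Return the POP on obj or on its nearest ancestor (assumed inheritance rule)."""
    path = obj.rstrip("/")
    while path:
        if path in attachments:
            return attachments[path]
        # Step up one whole path component, so /images never matches /images2.
        path = path.rsplit("/", 1)[0]
    return None


def http_audit_enabled(obj, pops=POPS, attachments=ATTACHMENTS):
    """True unless the effective POP carries audithttp set to no."""
    pop = effective_pop(obj, attachments)
    if pop is None:
        return True  # no POP anywhere above the object: auditing is untouched
    return pops.get(pop, {}).get("audithttp", "yes").lower() != "no"


def audit_blind_spots(objects, pops=POPS, attachments=ATTACHMENTS):
    """Return the objects whose access produces no HTTP access audit record."""
    return [o for o in objects if not http_audit_enabled(o, pops, attachments)]


if __name__ == "__main__":
    # Constructed sample object names for the review.
    sample = [
        "/WebSEAL/server/index.html",
        "/WebSEAL/server/images/logo.png",
        "/WebSEAL/server/images/icons/ok.gif",
        "/WebSEAL/server/images/special.jpg",
        "/WebSEAL/server/images2/banner.png",
    ]
    for obj in sample:
        state = "audited" if http_audit_enabled(obj) else "NOT audited"
        print(f"{obj}: {state} (POP: {effective_pop(obj)})")
```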