PowerBroker for Unix & Linux · 2020. 5. 18. · PowerBroker® for Unix & Linux browser interface enables you to view event logs and replay I/O logs, create and run log and entitlement

PowerBroker® for Unix & LinuxUNIX® + Linux® Edition

Browser Interface Guide for:PowerBroker Express

PowerBroker Virtualization

PowerBroker for Unix & Linux - UNIX Edition

PowerBroker for Unix & Linux - Linux Edition

Revision/Update Information: November 2015Software Version: 9.2Document Revision: 0

Corporate Headquarters5090 N. 40th StreetPhoenix, AZ 85018Phone: 1 818‐575‐4000

COPYRIGHT NOTICECopyright © 2015 BeyondTrust Software, Inc. All rights reserved.

The information contained in this document is subject to change without notice.

No part of this document may be photocopied, reproduced or copied or translated in any manner to another language without theprior written consent of BeyondTrust Software.

BeyondTrust Software is not liable for errors contained herein or for any direct, indirect, special, incidental or consequentialdamages, including lost profit or lost data, whether based on warranty, contract, tort, or any other legal theory in connection withthe furnishing, performance, or use of this material.

All brand names and product names used in this document are trademarks, registered trademarks, or trade names of theirrespective holders. BeyondTrust Software is not associated with any other vendors or products mentioned in this document.

Contents

Browser Interface Guide 3 © 2015 BeyondTrust Software, Inc.

Contents

Introduction ........................................................................................................................... 6Conventions Used in This Guide ......................................................................................................6

Font Conventions ......................................................................................................................6Linespacing Conventions ..........................................................................................................6

Where to Go Next? ..........................................................................................................................7Documentation Set for PowerBroker for Unix & Linux .............................................................7Sample Policy Files ....................................................................................................................7Contacting Support ...................................................................................................................8

Getting Started ...................................................................................................................... 9Prerequisites ...................................................................................................................................9Browser Startup ............................................................................................................................11Main Page ......................................................................................................................................12

Enter Network Password Dialog Box ......................................................................................14Kerberos Authentication Dialog Box .......................................................................................15

File Browser Page ..........................................................................................................................15Opening the File Browser .......................................................................................................16Navigating ...............................................................................................................................16Refreshing the List ..................................................................................................................16Filtering the List ......................................................................................................................16Selecting a File ........................................................................................................................16

Viewing Logs ........................................................................................................................ 17Viewing PowerBroker for Unix & Linux Events .............................................................................17

Selecting an Event Log and Records Page ...............................................................................17Using the Event Log Page ........................................................................................................18Using the Event Log Detail Page .............................................................................................19

Viewing PowerBroker for Unix & Linux I/O Logs ...........................................................................19Selecting an I/O Log ................................................................................................................20Using the I/O Log Viewer Page ...............................................................................................20I/O Log Variables Page ............................................................................................................23Using the I/O Log Input Viewer Page ......................................................................................23

Reports ................................................................................................................................ 25Event Log Reporting ......................................................................................................................25

Defining a New Report with the Event Log Report Wizard .....................................................26Selecting Event Logs .........................................................................................................27Selecting Fields to Extract ................................................................................................28Filtering the Data ..............................................................................................................29Extracted Data Management Form ..................................................................................30Column Headers & Widths Form ......................................................................................31Sorting, Grouping & Control Breaks Form ........................................................................32Field Summaries Form ......................................................................................................33

Contents


Page Setup Form ..............................................................................................................34Report Destination Form .................................................................................................35Defined Report Sets Form ...............................................................................................36

Save Log Report File Page .......................................................................................................37Edit Log Report Page ...............................................................................................................38Run Log Report Page ...............................................................................................................39Report Set Execution Page ......................................................................................................39

Entitlement Reporting ...................................................................................................................40Using the Entitlement Report Wizard .....................................................................................40

Selecting a Policy File to Report On ..................................................................................41Selecting a Report Type ....................................................................................................42Constraints Form ..............................................................................................................43Column Headers & Widths Form ......................................................................................44Page Setup Form ..............................................................................................................45Report Destination Form ..................................................................................................46

Save Entitlement Report Page ................................................................................................47Edit Entitlement Report Page .................................................................................................47Run Entitlement Report Page .................................................................................................48Report Execution Page ............................................................................................................49

Using the Task Manager ....................................................................................................... 50Accessing the pbrun Task Manager ...............................................................................................51Executing Commands in the pbrun Task Manager ........................................................................52Accessing the pbssh Task Manager ...............................................................................................52Executing Commands in the pbssh Task Manager ........................................................................53Customizing the Task Manager Console .......................................................................................54

Available Arguments ...............................................................................................................55Sample HTML Snippet .............................................................................................................56

Policy File Management ....................................................................................................... 57Policy Editor Overview ..................................................................................................................57Selecting or Creating a Policy File .................................................................................................57

Policy File Selection Page ........................................................................................................57Policy Editor ...................................................................................................................................58

Policy Editor Page ...................................................................................................................59Policy Tree ........................................................................................................................59Navigating the Policy Tree ................................................................................................60

Working With Components ....................................................................................................61Adding a Component ........................................................................................................61Modifying a Component ...................................................................................................61Deleting a Component .....................................................................................................61Copying a Component ......................................................................................................61Moving a Component .......................................................................................................62Viewing a Component’s Code ..........................................................................................62Checking the Policy for Errors ..........................................................................................62Saving the Policy File ........................................................................................................62

Smart Editors .................................................................................................................................62Define Variables Editor ...........................................................................................................62

Define Variables Page .......................................................................................................63

Contents


Variable Editor Page .........................................................................................................64Comment Editor ......................................................................................................................65Code Editor .............................................................................................................................66Logging Editor .........................................................................................................................67

I/OTab ...............................................................................................................................67Event Tab ..........................................................................................................................68

Run Variables Editor ...............................................................................................................69Command Tab ..................................................................................................................69Host Tab ...........................................................................................................................71User Tab ...........................................................................................................................73Group Tab .........................................................................................................................74

Task Environment Editor .........................................................................................................76Password Confirmation Editor ................................................................................................78Accept/Reject Editor ...............................................................................................................79Policy W5 Editor ......................................................................................................................80

Who Tab ...........................................................................................................................82What Tab ..........................................................................................................................83Where Tab ........................................................................................................................84Whence Tab .....................................................................................................................85When Tab .........................................................................................................................87

Example Policy Tutorial .................................................................................................................88Open the Policy Editor ............................................................................................................88Grant Yourself a Root Shell .....................................................................................................88Prompt for Your Password ......................................................................................................89Enable I/O Logging ..................................................................................................................90View the Generated Policy Code ............................................................................................90Save the Policy and Exit the Policy Editor ...............................................................................91

Settings Files ........................................................................................................................ 92Edit Settings File Page ...................................................................................................................92Check Values Page .......................................................................................................................117

Customizing the GUI .......................................................................................................... 118GUI Configuration Page ...............................................................................................................118

Index .................................................................................................................................. 122

Introduction


IntroductionThis document provides system administrators and authorized users with information about how to perform various tasks with the browser interface (also known as a graphical user interface, or GUI) that is included with the BeyondTrust PowerBroker® for Unix & Linux software. PowerBroker for Unix & Linux includes PowerBroker® for Unix & Linux ‐ UNIX® Edition, PowerBroker for Unix & Linux ‐ Linux® Edition, PowerBroker® for Virtualization, and PowerBroker® Express. The PowerBroker® for Unix & Linux browser interface enables you to view event logs and replay I/O logs, create and run log and entitlement reports, create and modify policy files, and edit the PowerBroker for Unix & Linux settings file.

Conventions Used in This Guide

Specific font and linespacing conventions are used in this book to ensure readability and to highlight important information such as commands, syntax, and examples.

Font ConventionsThe font conventions used for this document are:

• Courier New Font is used for program names, commands, command arguments, directory paths, variable names, text input, text output, configuration file listings, and source code. For example:/etc/powerbroker/product.cfg

• Courier New Bold Font is used for information that should be entered into the system exactly as shown. For example: pbcheck -v

• Courier New Italics Font is used for input variables that need to be replaced by actual values. In the following example, variable-name, must be replaced by an actual environment variable name. For example:result = getenv (variable-name);

• Bold is used for Windows buttons. For example:Click OK.

Linespacing ConventionsThe linespacing of commands, syntax, examples, and computer code in this manual may vary from actual Windows and Unix/Linux usage because of space limitations. For example, if the number of characters that is required for a single line does not fit within the text margins for this book, then the text is displayed on two lines with the second line indented, as shown in the following sample:result = sprintf ("System administrator Ids: %s %s %s", "Adm1", "Adm2",

"Adm3");

Introduction


Where to Go Next?

For licensing information and installation instructions for PowerBroker for Unix & Linux, see the PowerBroker for Unix & Linux Installation Guide.

For detailed information and advanced procedures for PowerBroker for Unix & Linux, see the PowerBroker for Unix & Linux System Administration Guide.

Documentation Set for PowerBroker for Unix & LinuxThe complete PowerBroker for Unix & Linux documentation set includes the following:

• PowerBroker for Unix & Linux Installation Guide• PowerBroker for Unix & Linux System Administration Guide• PowerBroker for Unix & Linux Policy Language Guide• PowerBroker for Unix & Linux Browser Interface Guide• PowerBroker for Unix & Linux Diagnostic Messages Guide• Online help (for Windows)• Man pages (for Unix/Linux)

Note: Use the PowerBroker Sudo Converter Getting Started Guide and PowerBroker Sudo Converter Procedures Guide to install, configure and administer PowerBroker Sudo Converter software.

Sample Policy FilesWhen you install PowerBroker for Unix & Linux, you can choose to copy sample PowerBroker for Unix & Linux policy files to the installation host. These sample policy files include detailed explanations of what they do. You can use these files to learn how policy files are typically written for various scenarios. The directory that these sample files are copied to is determined by the GUI library directory option that you specify during installation. By default, this directory is /usr/local/lib/pbbuilder. A readme_samples text file in that directory includes a brief description of each sample file.

Introduction


Contacting SupportFor support, go to our Customer Portal then follow the link to the product you need assistance with.

The Customer Portal contains information regarding contacting Technical Support by telephone and chat, along with product downloads, product installers, license management, account, latest product releases, product documentation, webcasts and product demos.

Telephone

Privileged Account Management SupportWithin Continental United States: 800.234.9072

Outside Continental United States: 818.575.4040

Vulnerability Management SupportNorth/South America: 866.529.2201 | 949.333.1997

+ enter access code

All other Regions:Standard Support: 949.333.1995

+ enter access code

Platinum Support: 949.333.1996

+ enter access code

Onlinehttp://www.beyondtrust.com/Resources/Support/

http://www.beyondtrust.com/Resources/Support/http://www.beyondtrust.com/Resources/Support/

Getting Started


Getting StartedThe PowerBroker for Unix & Linux browser interface is a Web‐based GUI that provides a user‐friendly alternative to administering PowerBroker for Unix & Linux from a Unix/Linux command line. The GUI enables you to easily modify the PowerBroker for Unix & Linux settings file, view event records from the event log, replay I/O logs, and create and modify policy files.

There are two ways to access the PowerBroker for Unix & Linux browser interface:

• Directly, by using the browser interface URL in a Web browser. This method is known as stand‐alone access.

• By clicking a PowerBroker for Unix & Linux instance on the PowerBroker Management Console (PowerBroker Console) menu. The PowerBroker for Unix & Linux browser interface is displayed within the PowerBroker Console user interface.

The PowerBroker Console is a Web application that provides an easy‐to‐use and centralized console for managing both PowerBroker for Unix & Linux and PowerBroker for Unix & Linux, and provides advanced tools for reviewing and administering PowerBroker for Unix & Linux logs. For more information about the PowerBroker Console, see PowerBroker Management Console Getting Started Guide.

Prerequisites

The GUI is compatible with the following browsers beginning with the indicated versions: Opera V8.5, Mozilla V1.7, Firefox V1.5, Netscape V7.1, and Internet Explorer V6.0. The browser must have JavaScript, cascading style sheets, and pop‐ups enabled. The suggested monitor display settings are 1024 x 768 pixels and higher.

Before users can use stand‐alone access the PowerBroker for Unix & Linux GUI, the PowerBroker for Unix & Linux Policy Server host must be configured to allow access to pbguid. Update the policy file (either /etc/pb.conf or a policy file that is included in /etc/pb.conf) to limit access to the various activities to specific users or groups.

The following policy code shows an example:

browseusers = { "chris" };settingsusers = {"kim"};logusers = {"kim", "chris"};iologusers = { "kim" };policyusers = { "admin" };policysaveusers = { "admin" };reportusers = { "admin", "kim", "chris" };configusers = { "admin" };reportinfousers = { "admin", "kim" };reporteditusers = { "admin", "chris" };reportsaveusers = { "admin", "chris" };reportexecuteusers = { "admin", "kim" };entitlementinfousers = { "admin", "kim" };entitlementusers = { "admin", "kim", "chris" };entitlementeditusers = { "admin", "chris" };entitlementsaveusers = { "admin", "chris" };entitlementexecuteusers= { "admin", "kim" };

if (pbclientname == "pbguid") { if ((argv[1] == "settings") && (user in settingsusers)) accept;

Getting Started


if ((argv[1] == "log") && (user in logusers)) accept;

if ((argv[1] == "iolog") && (user in iologusers)) accept;

if ((argv[1] == "browse") && (user in browseusers)) accept;

if ((argv[1] == "policy") && (user in policyusers)) accept;

if ((argv[1] == "save") && (user in policysaveusers)) accept;

if ((argv[1] == "report") && (user in reportusers)) { if(argc > 2) { # Restrict access to edit a report set file if((argv[2] == "edit") && (user ! in reporteditusers)) reject;

# Restrict access to save a report set file if((argv[2] == "save") && (user ! in reportsaveusers)) reject;

# Restrict access to execute a report set file if((argv[2] == "exec") && (user ! in reportexecusers)) reject;

# Restrict access to get info from a report set file if((argv[2] == "info") && (user ! in reportinfousers)) reject; } accept; } if ((argv[1] == "defaults") && (user in configusers)) accept;

if ((argv[1] == "entitlement") && (user in entitlementusers)) { if (argc > 2) { # Restrict access to edit a report set file if((argv[2] == "edit") && (user ! in entitlementeditusers)) reject;

# Restrict access to save a report set file if((argv[2] == "save") && (user ! in entitlementsaveusers)) reject;

# Restrict access to execute a report set file if((argv[2] == "exec") && (user ! in entitlementexecusers)) reject;

Getting Started


# Restrict access to info from a report set file if((argv[2] == "info") && (user ! in entitlementinfousers)) reject; } accept; }

reject;}For more information about the values of argv[1] and argv[2] for the browser interface program, see the pbguid reference in the PowerBroker for Unix & Linux System Administration Guide.

As an alternative, you can use the following code to enable access to all activities for the admin user:

if ((pbclientname == "pbguid") && (user == "admin")) accept;else reject;

Browser Startup

To use the PowerBroker for Unix & Linux browser interface, open Internet Explorer, Mozilla, Firefox, Netscape, or Opera. To start an HTTP session, enter the following in the browser address field:

http://system_name:port_numberFor example, if your system is named orange and the port assigned for use with HTTP is 24348, enter:

http://orange:24348To start an HTTPS session, enter:

https://system_name:port_numberFor example, if your system is named mango and the port assigned for use with HTTPS is 24349, enter:

https://mango:24349In both cases, system_name is the system on which PowerBroker for Unix & Linux is installed and port_number is the port assigned for use with the protocol. By default, the ports are 24348 for HTTP and 24349 for HTTPS, but these ports can be changed during a PowerBroker for Unix & Linux installation. The current HTTP and HTTPS port numbers can be found by examining the /etc/services file or the superdaemon configuration files.For more information, see “Select Port Numbers” and “pbinstall Installation Menu” in the PowerBroker for Unix & Linux Installation Guide.

Getting Started


Main Page

When the PowerBroker for Unix & Linux browser starts, the Main Page is displayed (refer to the following figure). This is the point of entry into the PowerBroker for Unix & Linux GUI. To return to this screen, click Reload or Refresh on your browser.

Figure 1. Main Page

A resizable navigation menu is located on the left side of the PowerBroker for Unix & Linux browser. The menu contains several hyperlinks that enable easy navigation to the browser’s various areas. When the browser is first opened, the Navigation menu resembles the following figure. Items that are next to a plus (+) icon can be expanded to reveal other hyperlinks in the menu hierarchy.

Figure 2. Navigation Menu

Getting Started


The hyperlinks present in this menu are as follows:

View Logs Clicking on this hyperlink displays the Event Log and I/O Log hyperlinks.

Event Log Opens the Event Log Selection page

I/O Log Invokes the I/O Log Selection page

Report Tools Displays the Log Reports and Entitlement Reports hyperlinks.

Log Reports Use this link to access links to create, edit, and run log reports

Report Wizard Jumps to the Event Log Report Wizard

Edit Report Displays the Edit Log Report page

Run Report Leads to the Run Log Report page.

Entitlement Reports Use this link to access links to create, edit, and run entitlement reports

Report Wizard Opens the Entitlement Report Wizard

Edit Report Jumps to the Edit Entitlement Report page

Run Report Displays the Run Entitlement Report page

Task Manager Displays the Task Manager page

Policy Editor Invokes the Policy File Selection page

Settings File Clicking on this hyperlink displays hyperlinks to specific areas of the Edit Settings File page.

Licensing Jumps to the Licensing section of the Edit Settings File page.

Policy Server Jumps to the Policy Servers section of the Edit Settings File page.

Policy Location Jumps to the Policy Location section of the Edit Settings File page.

Ports Jumps to the Ports section of the Edit Settings File page.

Port Configuration Jumps to the Port Configuration section of the Edit Settings File page.

Log Server Jumps to the Log Server section of the Edit Settings File page.

Logging Jumps to the Logging section of the Edit Settings File page.

Encryption Jumps to the Encryption section of the Edit Settings File page.

Host Names Jumps to the Host Names section of the Edit Settings File page.

Security Jumps to the Security section of the Edit Settings File page.

Getting Started


Enter Network Password Dialog BoxSelecting any of the hyperlinks on the Navigation menu for the first time during a session opens the Enter Network Password dialog box (refer to the following figure). The name, appearance, and controls for this dialog box will vary from one browser to another.

This dialog box is used to obtain user authentication before allowing the user to modify the settings or policy files, view the logs, or use the reporting tools.

To avoid compromising your system’s security, it is recommended that you NOT use the Save password feature of this dialog box.

Figure 3. Enter Network Password Dialog Box

The user name and password is authenticated and allows the user to execute only those tasks that are defined by the administrator in the configuration file.

Warning! It is recommended that you close all instances of your browser when you have finished your session to prevent password caching. It is further recommended that you do not store your password when using browsers that support this function.

Shared Libraries Jumps to the Shared Libraries section of the Edit Settings File page.

SSL Settings Jumps to the SSL section of the Edit Settings File page.

PAM Jumps to the PAM section of the Edit Settings File page.

Kerberos Jumps to the Kerberos section of the Edit Settings File page.

GUI Jumps to the GUI section of the Edit Settings File page.

PSMC Support Jumps to the PowerBroker Console Support section of the Edit Settings File page.

GUI Configuration Opens the GUI Configuration page.

Getting Started


Kerberos Authentication Dialog BoxIf PowerBroker for Unix & Linux is configured to use Kerberos, the user is also asked to enter a password for Kerberos authentication (as shown in the following figure).

Figure 4. Kerberos Authentication Dialog Box

File Browser Page

The File Browser Page (as shown to the following figure) is used to select files for the Log Selection Page, I/O Log Selection Page, Policy File Selection Page, report wizards, and some of the Smart Editor pages. For purposes of this discussion, these pages are known as calling pages.

Figure 5. File Browser Page

Getting Started


Opening the File BrowserTo open the File Browser, click Browse in the calling page.

NavigatingThe File Browser displays directory and file lists in alphabetical order (only valid file and directory names are listed). The list can be re‐sorted by name, size, and so on, by clicking on the appropriate column heading.

There are several ways to navigate through the directories. You can click on the directory icons on the left side of the page or you can type a directory name in the Path field and click Go. The directory icons can also be used in conjunction with the Path field and Go button.

Refreshing the ListTo refresh the contents of the File Browser, click Reload.

Filtering the ListThe files that are in the currently selected directory are listed on the left side of the page. These files can be filtered to list only those with a certain extension or character string in their filenames. To filter a list of files, type a wildcard search character and the character string to search for in the File Filter field and click Filter.

Selecting a FileTo select a file, click the file’s icon. The File Browser closes, and the selected file name is used in the appropriate field in the calling page.

Viewing Logs


Viewing LogsPowerBroker for Unix & Linux enables system administrators to select and view event and I/O logs. Event logs contain a record of PowerBroker for Unix & Linux events; I/O logs provide a history of a user’s keystrokes during a given PowerBroker for Unix & Linux session. This chapter describes the PowerBroker for Unix & Linux interfaces for selecting and viewing these logs.

Viewing PowerBroker for Unix & Linux Events

The PowerBroker for Unix & Linux GUI provides a Web‐based interface for viewing PowerBroker for Unix & Linux events that are saved in event log files. Because events can be saved in more than one event log, the first step in viewing PowerBroker for Unix & Linux events is to select a log. Individual events can be viewed from the selected event log.

Selecting an Event Log and Records PageTo select an event log and records to view, do the following:

1. In the left navigation menu, select View Logs, Event Log. If prompted, log in with your Unix/Linux user name and password. The Event Log Selection page opens.

Figure 6. Event Log Selection Page

2. In the File field, specify an absolute path (directory and file name) for the desired event log. You can click Browse to select the event log from the File Browser (see “File Browser Page,” page 15), or you can click Use Default to select the default event log.

3. Optional. Specify a date range with the Start Date and End Date fields. Leave the Start Date blank to view logs from the beginning of the log file; leave the End Date blank to include the most recent events.

4. Use the View options to select how you want to view the evens. Select Short to view a table of events; select Detailed to view details of each event.

5. Optional. Choose the event types to view by selecting or clearing the Accept, Reject, or Forbidden Keystroke check boxes.

6. Optional. Use the Records Per Page drop‐down list to limit the number of event records to display on a single page.

7. Click View Event Log.

Viewing Logs


If you selected the Short option, then PowerBroker for Unix & Linux displays the event log in the Event Log Page. If you selected the Detailed option, then PowerBroker for Unix & Linux displays the event log in the Event Log Detail Page.

Using the Event Log PageThe Event Log Page (as shown in the following figure) displays the event log records that were selected in the Event Log Selection page. This page provides information that is similar to the output from PowerBroker for Unix & Linux’ pblog program.

Figure 7. Event Log Page

You can do any of the following on this page:

• Use the links in the top right corner of the report to go directly to a specific page of 50 records.

• The bottom right corner of the report window indicates the event log name and the total number of events that are displayed. Use the Expand icon ( ) to view the report across the entire browser window. Use the Shrink icon ( ) to restore the normal report view.

• Sort the table by a given column by clicking on the column heading.• Click on the value in the Result column for an event to view details about that event in the

Event Log Detail Page.

Viewing Logs


Using the Event Log Detail PageThe Event Log Detail page (as shown in the following figure) is opened from the PowerBroker Event Log Selection Page by selecting the Detailed option and clicking View Event Log. It can also be opened from the Event Log Page by clicking the value in the Result column for an event.

The Event Log Detail page displays detailed information for a specific log entry. This page shows the same information for a listing as the Event Log Page, plus all of the additional variables that were set for the command. The information is similar to that displayed by running pblog –l from the command line.

Figure 8. Event Log Detail Page

The bottom right corner of the report window indicates the event log name and which event out of the total events from the last query is being displayed. You can also use the Expand icon ( ) to view the report across the entire browser window. Use the Shrink icon ( ) to restore the normal report view.

In the top right corner of the report page, you can use the Prev and Next links to navigate to the previous record or the next record.

Each system‐defined variable has a hyperlink that opens online help that describes the variable.

Viewing PowerBroker for Unix & Linux I/O Logs

The PowerBroker for Unix & Linux GUI provides a Web‐based interface for viewing PowerBroker for Unix & Linux I/O logs. This section describes the I/O GUI and information about its use.

I/O logging is described in the Logging section of the PowerBroker for Unix & Linux System Administration Guide and iolog section of the PowerBroker for Unix & Linux Policy Language Guide.

Note: The PowerBroker for Unix & Linux GUI I/O Viewer supports vt100, xterm, and dtterm terminals. The viewer attempts to display I/O logs from any terminal type, but there is no guarantee that unsupported terminals will be rendered accurately. Special graphic characters such as line drawing characters are not supported.

Viewing Logs


Selecting an I/O LogTo select an I/O log for viewing, do the following:

1. In the left navigation menu, select View Logs, I/O Log. If prompted, log in with your Unix/Linux user name and password. The Event Log Selection page opens.

Figure 9. I/O Log Selection Page

2. In the File field, specify an absolute path (directory and file name) for the desired I/O log. You can click Browse to select the I/O log from the File Browser (see “File Browser Page,” page 15).

3. Optional. Use the Terminal Foreground and Terminal Background drop‐down lists to select the terminal foreground and background colors. Click Use Default to select the default colors.

4. Optional. Specify the amount of time, in milliseconds, to pause after displaying each line during playback. Click Use Default to reset this value to the default.

5. Optional. Specify the number of lines of input to display. To display all input lines, specify 0 (zero) in this field. Click Use Default to reset this value to the default.

6. Optional. Select the font size for the display. Click Use Default to reset this value to the default.

7. Click View I/O Log. PowerBroker displays the I/O log in the I/O Log Viewer page.

Using the I/O Log Viewer PageThis page (as shown in the following figure) opens after you select an I/O log file in the I/O Log Selection page and click View I/O Log. The I/O Log Viewer Page enables you to play back a I/O log and see a simulation of the keystrokes that were made by a user during a session.

As powerful as PowerBroker for Unix & Linux’s I/O logging capability is, it does have a few limitations:

Viewing Logs


• The terminal emulation (color, font, etc.) might not match what the user saw during the session.

• The essential keystrokes and responses are displayed, but not all of the original formatting.• I/O logging records keystrokes, output streams, and error streams, but not mouse clicks or

other GUI actions.• No attempt is made to reproduce the timing of the original input. The simulation is taking

place in a browser and the timing observed is constrained by the location of the server processing the browser requests as well as network traffic.

• The operating system may become overwhelmed if either New Input or Next Newline are clicked multiple times too rapidly. Clicking these buttons rapidly can cause you to be prompted for a user name and password, but you are unable to log in.

Figure 10. I/O Log Viewer Page

Viewing Logs


The I/O Log Viewer consists of three areas:

• The top is a button‐based menu for controlling the I/O log playback, moving within the log, and navigating to other parts of the application.

• The center section of the screen displays the I/O log playback. This playback is a simulation of what the original user would have seen on the Unix/Linux terminal.

• The bottom of the page shows information regarding when the current I/O event was logged and its location within the I/O log.

To play back a I/O log, click Play. Click Pause to stop the playback. Use the following controls to navigate through the log and access additional features:

Go to Start button Moves to the beginning of the log

Play/Pause button Starts and stops the I/O log playback loop

Next Input button Advances the playback to the next keystroke

Next Newline button Advances the playback to the next newline in the I/O log

Go to End button Moves to the end of the log

Search field Used to enter a place (position), text string, or time to search for in the I/O log. Place is a position from the start of the file. It is specified as any positive number limited to the size of the I/O log. Text to search for can be specified as individual characters and whole or partial strings. Wildcard search characters cannot be used. Time is specified as [MM/DD/[CC]YY] HH:MM[:SS] (for example, 13:40 or 11/28/2001 13:40:48).Note that the I/O log file uses discrete position and time intervals. Instead of going to an exact position or time, you can go only to the next highest position or time increment.

This field is used in conjunction with the Search drop‐down list and Search button.

Search drop‐down list Specifies whether the entry to search for is a place (location), text string, or time. This drop‐down list is used in conjunction with the Search field and Search button.

Search button Looks for the exact search text, next greatest time, or next largest place in the input stream, depending on which option was selected. This button is used in conjunction with the Search field and Search drop‐down list.

Show Variables button Shows the PowerBroker for Unix & Linux variables that were stored in the I/O log when it was created (see “I/O Log Variables Page,” page 23).

Show Input button Shows the input that a user typed. The information is displayed in a separate window (see “Using the I/O Log Input Viewer Page,” page 23).

Viewing Logs


I/O Log Variables PageThe I/O Log Variables page (as shown in the following figure) is opened from the I/O Log Viewer page by clicking Show Variables. This page displays detailed information for a specific I/O log. This page shows the same information for a listing as the I/O Log Viewer page, plus all of the additional variables that were set for the command. The information is similar to that displayed by running pbreplay -av from the command line.

Figure 11. I/O Log Variables Page

The top of the page displays the name of the I/O log and the date, time, submitting user, submitting host, run user, run host, and the command that was run.

Click Close to exit the I/O Log Variables page.

Using the I/O Log Input Viewer PageClicking Show Input in the I/O Log Viewer page opens the I/O Log Input Viewer page (as shown in the following figure). The I/O Log Input Viewer page displays the keystroke input stream. In other words, it shows what the user typed. The information that is presented is similar to that displayed when running pbreplay -i from the command line.Note: Clicking Show Input displays the input only up to a given point in the I/O log file. That

point must have already been navigated to with the browser.

File Selection button Returns to the I/O Log Selection page. For a description of this page, see “Selecting an I/O Log,” page 20.

Viewing Logs


Figure 12. I/O Log Input Viewer Page

Use the Input Type drop‐down list to specify the format of the input data. The options are Hexadecimal, Octal, and Mapped. The Mapped option replaces unprintable characters with descriptive tags.

Click Close to close the I/O Log Input Viewer page.

Reports


ReportsIn addition to enabling users to view event and I/O logs, PowerBroker for Unix & Linux provides a report tool for creating, modifying, and executing user‐defined reports based on the event log or policy entitlements. This chapter describes how to create these reports.

PowerBroker for Unix & Linux reporting is conducted in two phases: data extraction and report generation. The data extraction phase retrieves the information from the event log or policy file according to your specifications. The report generation phase generates the output for one or more reports that are based on the extracted data. For log reports, the generated report can be a comma‐separated values (CSV) file, delimited data that is piped to a Unix/Linux command, or a formatted report that is generated by the PowerBroker Reporting Tool. (Entitlement reports use the PowerBroker Reporting Tool only.) The output from the PowerBroker Reporting Tool can be viewed on the screen, saved to a file, or piped to a command.

Your reporting specifications can be saved as a report set. A report set consists of the data extraction specifications (including which fields to extract and how the data should be filtered), along with one or more optional PowerBroker Reporting Tool report definitions. A report definition is a set of instructions for formatting the report, including column headings and widths, sorting and grouping, summarizations, and page headers and footers. Log report sets can contain multiple report definitions; entitlement reports include only one report definition.

Event Log Reporting

[ver 3.5 and earlier] Event Log Reporting not available[ver 4.0 and later] Event Log Reporting available

The PowerBroker for Unix & Linux GUI provides a web‐based interface to create, modify, and run reports against the PowerBroker for Unix & Linux event logs. Report specifications are saved in report set files. These specifications contain all the information that is needed to extract event log data from the PowerBroker for Unix & Linux event logs and, if required, perform various reporting capabilities on the extracted data, such as sorting, grouping, and summarizations.

Note: Event log report set files can be run from the command line using the pbreport program.

The Event Log Report Wizard (“Defining a New Report with the Event Log Report Wizard,” page 26) can be used to create new report sets. Each report set file contains, at a minimum, specifications for data extraction from one or more PowerBroker for Unix & Linux event logs, as well as one or more report definitions for reporting on the extracted data. No report definitions are needed if you want merely to export the event log records for use with a third‐party reporting application.

Note: The Event Log Report Wizard should not be expected to handle overly complex reports. Such reports are best implemented with a third‐party reporting application using event data that is exported from the event logs.

Reports


Defining a New Report with the Event Log Report WizardThe Event Log Report Wizard is used to create or modify a report set file. The wizard is a collection of forms that are navigated using Back and Next buttons. The wizard guides you, step‐by‐step, through the report definition process.

The Event Log Report Wizard includes the following forms:

• Event Logs to Export• Select Fields to Extract• Filter Constraints• Destination for Extracted Data• Column Headers & Widths• Sorting, Grouping & Control Breaks• Field Summaries• Page Setup• Report Destination• Report SetMost forms in this wizard have the following common features:

Many of the labels in the wizard are hyperlinks. Clicking on a hyperlink opens online help for that portion of the wizard.

An asterisk (*) next to a field name indicates that a value is required for that field.

Note: Avoid using the Web browser Back button while using the Event Log Report Wizard. Doing so causes the browser to abandon the report wizard and display the previous page.

To create a new report set, select Report Tools, Log Reports, Report Wizard in the left navigation menu.

Report Summary field Optional description of the report set

Current Report Title field Title of the report set that is being created or modified (required)

Back button Jumps to the previous step in the wizard

Cancel button Quits the wizard and returns to the PowerBroker for Unix & Linux browser Main page (see “Main Page,” page 12).

Reset button Resets the form to the previously saved values or appropriate defaults.

Next button Jumps to the next step in the wizard.

Reports


Selecting Event LogsThe Event Log File(s) form (as shown in the following figure) enables you to select the PowerBroker for Unix & Linux event logs to export for report processing. When you create a new report set file, the default event log file (as defined in the PowerBroker for Unix & Linux settings file) is automatically selected.

Figure 13. Event Log File(s) Form

To select one or more event logs for the report set, do the following:

1. Optional. Specify a description of the report in the Report Summary field.

2. Specify a title for the report in the Current Report Title field.

3. In the Log File field, specify the absolute path (directory and file name) to the desired event log. Click Browse to select the event log with the File Browser, or click Use Default to use the default event log file.

4. Optional. To extract data from more than one event log file, click Add to List (+) and repeat the previous step Repeat this process for each desired event log file.

5. Optional. To remove an event log from the list, select the event log and click Remove (‐).

6. When you finish selecting event log files, click Next. The Fields to Extract form opens.

Reports


Selecting Fields to ExtractThe Fields to Extract form (as shown in the following figure) enables you to select the fields to extract from the event logs that you specified in the previous form (see “Selecting Event Logs,” page 27). These fields are used to create the reports.

Figure 14. Fields to Extract Form

To select fields, do the following:

1. In the Available Fields list, select one or more fields. Use CTRL+click to select multiple fields. Use Add Fields (>) to add the selected fields to the Selected Fields list, or use Add All Fields (>>) to add all fields in the Available Fields list to the Selected Fields list.

2. Optional. To remove fields from the Selected Fields list, select one or more fields and click Remove Fields (

Reports


Filtering the DataThe Data Filtering form (as shown in the following figure) enables you to set up filter constraints to selectively determine which events to include in the reports. If no filtering is required, you can skip this form by clicking Next.

Figure 15. Data Filtering Form

To filter the report data, do the following:

1. In the Field column, use the drop‐down list to select a field to filter on. This field need not be one of the fields that you selected in the Fields to Extract form.

2. In the Restrictions column, use the drop‐down list to select a comparison operator.

3. In the Value column, specify a value to compare with the field value.

4. Optional. Use the drop‐down list in the Op column to select AND or OR. A new row is added to the table. Repeat steps 1 through 4 for each filter constraint.

5. Optional. To add a row, select the option button for the row that you would like the new row to come after, and click the Add Row (+) link.

6. Optional. To remove a row, select the option button for that row and click the Remove Row (‐) link.

7. Optional. To add a field to the drop‐down lists in the Fields column, click the Add link and specify the name of the new field.

8. Optional. To remove a field from the drop‐down lists in the Fields column, click the Remove link. In the PowerBroker Selector dialog box, select one or more fields to remove and click Select.

9. When you finish specifying filter constraints, click Next. The Extracted Data Management form opens.

Reports


When using the Filter Constraints Form, there are several points to keep in mind:

• Regular expressions are not supported.• The following constraints do not require a specified value:

– Is empty/zero– Is not empty/zero– Exists– Does not exist

• The behavior of Contains and Does not contain depends on the field’s data type. If the field is a string, then these operators test whether the specified value is contained within the field’s string value. If the field is a list of strings, then these operators test whether the specified value exactly matches at least one of the items in the field’s list.

• The Is in and Is not in constraints require a list of one or more strings, separated by commas, as the specified value.

Extracted Data Management FormThe Extracted Data Management form (as shown in the following figure) enables you to specify the destination for the extracted data. The extracted data can be sent to the PowerBroker reporting tool, a comma‐separated values (CSV) file, a command, or some combination of the three.

Figure 16. Destination for Extracted Data Form

To select one or more destinations for the report data, do the following:

1. To send the data to the PowerBroker Reporting Tool, select the PB Report check box. (If PB Report is not selected, then the data will be extracted, but no report will be generated.)

2. To save the data to a CSV file, select the File check box, and specify the absolute path (directory and file name) in the field. You can click Browse to select the file (if it already exists) with the File Browser. Select Append to add the data to an existing file, or select

Reports


Overwrite to overwrite an existing file or create a new file. (If both Append and Overwrite are cleared and the file exists, the extraction will fail.)

3. To pipe the data to a command, select the Command check box and specify the command string in the field.

4. Optional. For the file and command options, use the Label check box to cause the first row to contain the column labels, and specify an alternative field delimiter in the Separator field.

5. When you finish making selections, click Next (or Finish).Note: If the File or Command check box is selected and the PB Report check box is not selected,

then the Next button changes to Finish, indicating that there is nothing more to be done in the wizard. Clicking Save opens the Report Set File Save Page (see “Save Log Report File Page,” page 37).

Column Headers & Widths FormThe Column Headers & Widths form (as shown in the following figure) enables you to select the fields to display and to configure the column headers and field widths when the report data is being sent to the PowerBroker Reporting Tool.

Figure 17. Column Headers & Widths Form

To specify the appearance of the columns, do the following:

1. Using the check boxes in the Include column, select the fields to display.

2. In the Header column, specify a label to use for each column.

3. In the Width column, specify a width (in characters) for each column.

4. Optional. To reset to the previously saved header and width specification, click Reset for a given field.

5. When you finish specifying labels and column widths, click Next.The Total Width field indicates the total width of the report in characters. The maximum total width is 500 characters.

Reports


Sorting, Grouping & Control Breaks FormThe Sorting, Grouping & Control Breaks form (as shown in the following figure) enables you to configure the desired sorting per field (either ascending or descending), whether or not to group on a sorted field, and what type of break to introduce between groupings (none, line or page break). Up to eight sorting levels can be specified; up to seven levels can be grouped. These specifications are used to arrange the output in the PowerBroker Reporting Tool.

Figure 18. Sorting, Grouping & Control Breaks Form

To specify sorting, grouping, and breaks for your report, do the following:

1. In the Field column, select a field on which to sort or group the data.

2. In the Order column, select whether the data should be arranged in ascending or descending order.

3. Optional. To group the data by the column, select the Group check box.

4. Optional. To break the report after each grouping, select the break type (none, Line, or Page) with the Break drop‐down list.

5. Repeat steps 1 through 4 for each level.

6. When you finish, click Next.

Reports


Field Summaries FormThe Field Summaries form (as shown in the following figure) enables you to specify the desired summaries per field and whether or not to generate a detailed report. These specifications are used to summarize the output in the PowerBroker Reporting Tool.

Figure 19. Field Summaries Form

To specify summaries for your report, do the following:

1. To produce a report that contains summaries only with no detail rows, select Summarize Only.

2. For each summary type (Sum, Average, and so on), select the fields for which you want the summary to apply. To apply a summary type to all fields, select the check box under the name of that type. You can select more than one summary type for each field.Note: Fields that are excluded in the Column Headers & Widths form or are grouped in the

Sorting & Grouping form cannot be summarized.

3. When you finish specifying summaries, click Next.

Reports


Page Setup FormThe Page Setup form (as shown in the following figure) enables you to set up the page header and page footer for the current report, as well as the desired page length in lines. These settings are used to control the report layout in the PowerBroker Reporting Tool.

Figure 20. Page Setup Form

To set up the report page layout, do the following:

1. Using the drop‐down lists in the Page Header box, select the items to print at the top left, top center, and top right of every page.

2. Using the drop‐down lists in the Page Footer box, select the items to print at the bottom left, bottom center, and bottom right of every page.

3. If you selected Optional Text #1 or Optional Text #2 anywhere in steps 1 or 2, specify the text in the Text #1 or Text #2 fields.

4. Specify the number of lines per page in the Page Length field.

5. When you finish specifying the page layout, click Next.

Reports


Report Destination Form The Report Destination form (as shown in the following figure) enables you to specify one or more destinations for the report that is generated by the PowerBroker Reporting Tool.

Figure 21. Report Destination FormTo specify report destinations, do the following:

1. To send the report to the screen, select the Screen check box. When you run the report from the command line, PowerBroker for Unix & Linux sends the report sent to stdout. When you run the report from the browser interface, PowerBroker for Unix & Linux displays the report in a browser window.

2. To send the report to a file, select the File check box. Specify the absolute path (directory and file name) of the file. You can click Browse to select the file (if it already exists) with the File Browser. Select Append to add the data to an existing file, or select Overwrite to overwrite an existing file or create a new file. (If both Append and Overwrite are cleared and the file exists, then the report will not be saved.)


4. When you finish making selections, click Done.

Reports


Defined Report Sets Form The Defined Report Sets form (as shown in the following figure) enables you to create additional reports for the same set of extracted data, and to edit or remove existing reports in the report set. When multiple reports are defined in a report set, all reports are generated when the report set is run.

Figure 22. Defined Report Sets Form

To manage your report sets, you can do the following:

• To add a report to the report set, click New Report. The Column Headers & Widths form (see “Column Headers & Widths Form,” page 31) opens, enabling you to define a new report for the same extracted data.

• To modify an existing report definition, click the option button for that report definition and click Edit Report. The Column Headers & Widths form opens, enabling you to modify the settings for the report definition.

• To remove a report definition from the report set, click the option button for that report and click Remove Report.

When you finish managing the report set, click Finish.

Reports


Save Log Report File PageThe Report Set File Save Page (as shown in the following figure) is used to save the new or edited report set. The report set is saved as an XML file.

Figure 23. Report Set File Save Page

To save a report set, do the following:

1. In the Report Set File field, specify the absolute path (directory and file name) for the file. Include the .xml file name extension.You can click Browse to select an existing file.

2. Click Save. If you are saving to an existing file name, then you are asked if you want to overwrite the file.

When your report set is successfully saved, you are given the option to run the report immediately (see the following figure).

Figure 24. Report Set File Save Successful Page

Reports


Edit Log Report PageThe Edit Log Report Page (as shown in the following figure) is used to select a report set file to edit.

Figure 25. Edit Log Report Page

To edit a report set, do the following:

1. In the left navigation menu, choose Report Tools, Log Reports, Edit Report.

2. In the Report Set File field, specify the absolute path (directory and file name) for the report set file, or click Browse to select the file from the File Browser.

3. Click Edit to open the report set in the Event Log Report Wizard, or click Get Info to view detailed information about the report set file (see the following figure).

Figure 26. Report Set File Information Page

From the Report Set File Information page, you can use the browser Back button to return to the Edit Log Report page.

Reports


Run Log Report PageThe Run Log Report page (as shown in the following figure) is used to execute reports that were created with the Event Log Report Wizard.

Figure 27. Run Log Report Page

To run a report set, do the following:

1. In the left navigation menu, choose Report Tools, Log Reports, Run Report.

2. In the Report Set File field, specify the absolute path (directory and file name) for the report set file, or click Browse to select the file from the File Browser.

3. Click Run to generate the report set, or click Get Info to view detailed information about the report set file (see Figure 26, page 38).

Report Set Execution PageIf you chose to generate a report with the PowerBroker Reporting Tool, and you chose to display the report on the screen, then the Report Set Execution Page (as shown in the following figure) opens when you run the report

set.

Figure 28. Report Set Execution Page

When you finish viewing the report, use the browser Back button to return to the Run Log Report page.

Reports


Entitlement Reporting

[ver 4.0 and earlier] Entitlement Reports not available[ver 5.0 and later] Entitlement Reports available

Entitlement reports are based on PowerBroker for Unix & Linux policies and indicate, on a system‐by‐system basis, what a user can do.

Using the Entitlement Report WizardThe Entitlement Report Wizard is used to create or modify an entitlement report file. The wizard is a collection of forms that are navigated using the Back and Next buttons. The wizard guides you, step‐by‐step, from specifying the report type to export and the policy fields to extract, through specifying and saving the report definition.

The Entitlement Report Wizard includes the following forms:

• Policy File to Export• Report Type• Filter Constraints• Column Headers & Widths• Page Setup• Report DestinationMost forms in this wizard have the following common features:

Many of the labels in the wizard are hyperlinks. Clicking on a hyperlink opens online help for that portion of the wizard.

An asterisk (*) next to a field name indicates that a value is required for that field.

Note: Avoid using the browser Back button while using the Entitlement Report Wizard. Doing so causes the browser to abandon the reporting wizard and display the previous page.

Entitlement Report Title field

The report title (required)

Back button Jumps to a previous step in the wizard

Cancel button Quits the wizard and returns to the PowerBroker for Unix & Linux browser Main page (see “Main Page,” page 12)

Reset button Resets the form to the previously saved values or appropriate defaults

Next button Jumps to the next step in the wizard

Reports


Selecting a Policy File to Report OnThe Policy File to Export form (as shown in the following figure) enables you to select the PowerBroker for Unix & Linux policy file to export for report processing. When creating a new report file, the default policy file (as defined in the PowerBroker for Unix & Linux settings file) will be automatically selected.

Figure 29. Policy File to Export Form

To select a policy file to export, do the following:

1. Specify a title for the report in the Current Report Title field.

2. In the Policy File field, specify the absolute path (directory and file name) to the desired policy file. Click Browse to select the event log with the File Browser. Click Use Default to use the default event log file.

3. When you finish selecting a policy file, click Next. The Report Type form opens.

Reports


Selecting a Report TypeThe Report Type form (as shown in the following figure) enables you to specify the type of report to generate.

Figure 30. Report Type Form

To select the report type, do the following:

1. In the Report Type box, read the description of each report type and select the one that you want for this report.

2. Use the Detail Level drop‐down list to select the level of detail that you want for the report.

3. Click Next. The Constraints form opens.

Reports


Constraints FormThe Constraints form (as shown in the following figure) enables you to set up filter constraints to selectively determine which information to include in the reports. If no filtering is required, you can skip this form by clicking Next.

Figure 31. Constraints Form

To filter the report data, do the following:

1. In the Field column, use the drop‐down list to select a field to filter on.

2. In the Restrictions column, use the drop‐down list to select a comparison operator.

3. In the Value column, specify a value to compare with the field value.

4. Optional. Use the drop‐down list in the Op column to select AND or OR. A new row is added to the table. Repeat steps 1 through 4 for each filter constraint.

5. Optional. To add a row, select the option button for the row that you would like the new row to come after, and click the Add Row (+) link.

6. Optional. To remove a row, select the option button for that row and click the Remove Row (‐) link.

7. When you finish specifying filter constraints, click Next. The Column Headers & Widths form opens.

Reports


When using the Filter Constraints Form, there are several points to keep in mind:

• Regular expressions are not supported.• The following constraints do not require a specified value:

– Is empty/zero– Is not empty/zero– Exists– Does not exist

• The behavior of Contains and Does not contain depends on the field’s data type. If the field is a string, then these operators test whether the specified value is contained within the field’s string value. If the field is a list of strings, then these operators test whether the specified value exactly matches at least one of the items in the field’s list.

• The Is in and Is not in constraints require a list of one or more strings, separated by commas, as the specified value.

Column Headers & Widths FormThe Column Headers & Widths form (as shown in the following figure) enables you to select the fields to display and to configure the column headers and field widths.

Figure 32. Column Headers & Widths Form

To specify the appearance of the columns, do the following:

1. Using the check boxes in the Include column, select the fields to display.2. In the Header column, specify a label to use for each column.3. In the Width column, specify a width (in characters) for each column.4. Optional. To reset to the previously saved header and width specification, click Reset for a

given field.5. When you finish specifying labels and column widths, click Next.The Total Width field indicates the total width of the report in characters. The maximum total width is 500 characters.

Reports


Page Setup FormThe Page Setup form (as shown in the following figure) enables you to set up the page header and page footer for the current report, as well as the desired page length in lines.

Figure 33. Page Setup Form

To set up the report page layout, do the following:

1. Using the drop‐down lists in the Page Header box, select the items to print at the top left, top center, and top right of every page.

2. Using the drop‐down lists in the Page Footer box, select the items to print at the bottom left, bottom center, and bottom right of every page.

3. If you selected Optional Text #1 or Optional Text #2 anywhere in steps 1 or 2, then specify the text in the Text #1 or Text #2 fields.

4. Specify the number of lines per page in the Page Length field.

5. When you finish specifying the page layout, click Next.

Reports


Report Destination FormThe Report Destination form (as shown in the following figure) enables you to specify one or more destinations for the generated report.

Figure 34. Report Destination Form

To specify report destinations, do the following:

1. To send the report to the screen, select the Screen check box. When you run the report from the command line, PowerBroker for Unix & Linux sends the report to stdout. When you run the report from the browser interface, PowerBroker for Unix & Linux displays the report in a browser window.

2. To send the report to a file, select the File check box. Specify the absolute path (directory and file name) of the file. You can click Browse to select the file (if it already exists) with the File Browser. Select Append to add the data to an existing file, or select Overwrite to overwrite an existing file or create a new file. (If both Append and Overwrite are cleared and the file exists, then the report will not be saved.)


4. When you finish making selections, click Finish.

Reports


Save Entitlement Report Page The Save Entitlement Report page (as shown in the following figure) enables you to save the entitlement report definition.

Figure 35. Report Save Form

To save an entitlement report definition, do the following:

1. In the Entitlement Report File field, specify the absolute path (directory and file name) for the file. Include the .xml file name extension.You can click Browse to select an existing file.

2. Click Save. If you are saving to an existing file name, then you are asked if you want to overwrite the file.

When your report set is successfully saved, you are given the option to run the report immediately (see the following figure).

Figure 36. Report Save Successful Page

Edit Entitlement Report PageThe Edit Entitlement Report page (as shown in the following figure) is used to select the entitlement report file to edit.

Figure 37. Edit Entitlement Report Page

Reports


To edit an entitlement report definition, do the following:

1. In the left navigation menu, choose Report Tools, Entitlement Reports, Edit Report.

2. In the Entitlement Report File field, specify the absolute path (directory and file name) for the entitlement report file, or click Browse to select the file from the File Browser.

3. Click Edit to open the report set in the Entitlement Report Wizard, or cl

Documents

PowerBroker for Unix & Linux · 2020. 5. 18. · PowerBroker® for Unix & Linux browser interface enables you to view event logs and replay I/O logs, create and run log and entitlement