NOTE:
The above syntax is compatible with any
database that supports standard SQL (ANSI SQL 92).
The size of the EventSpecificInformation field should
be as large as the database can support.
With some databases it may be of type BLOB
(Binary Large Object) which supports large data types. Other databases
may restrict the size to be no larger than varchar(255).
The fields are described in the following table:
Event Table fields
Field
Description
UniqEventID
A Database wide Unique ID for this record.
If a single event record spans multiple
database records, then it will have the same
EventID field
SequenceNumber
This field is used when the data in a single
event record is so large that it must span
multiple database records. The
SequenceNumber corresponds to the data's
position in the original event record. The
SequenceNumber starts from 0. If there is
only one record for an event, the
SequenceNumber should still be set to 0
ProcessID
The Process ID of the originator of the message
GroupID
The group name of the process originating the message
LightWeightProcessID
The Light Weight Process (LWP) ID of the
originator of the message
LogSystemSource
The source of the log message.
For example, this could be syslog, audit, OSM, and so on
Length
The total length of the data portion of the log record.
If the log record is split across
multiple database records , this length still
reflects the total length of the log record
VersionID
The EELS version Number
TimeOffset
The offset in milliseconds from the beginning of the epoch
TimeUncertaintyInterval
The uncertainty interval in milliseconds of the
offset
TimeUncertaintyIndicator
The uncertainty indicator as a percentage of
confidence in the uncertainty interval
TimeSource
The signal or source of trusted time.
This is typically the hostname or network
address of the network time server
TimeZone
The timezone in the format specified in the XDAS specification
EventNumber
The number which uniquely identifies the
event (provided by caller)
EventNumberStr
The textual description of the event
Outcome
The outcome of the event
OriginatorHostName
The host that detects and requests the
recording of an audit event
OriginatorServiceName
The service that detects and requests the
recording of an audit event
OriginatorLocationAddress
The address of service that detects and
requests the recording of an audit event
OriginatorServiceType
An optional list of the supported functions
provided by the originator.
OriginatorAuthAuthority
The Authentication Authority that detected the event.
An example of an authentication
authority is the hostname of the machine that
generated the event
OriginatorPrincipalName
The username associated with the process
that generated the event
OriginatorPrincipalID
The UID associated with the process that
generated the event
InitiatorAuthAuthority
The initiator represents the principal that is
accountable for the initiation of the event.
This field contains the hostname that is
responsible for the event
InitiatorDomainSpecificName
The username that is responsible for
the generation of the event
InitiatorDomainSpecificID
The UID that is responsible for the
generation of the event
TargetLocationName
The target represents the object that was the
target of activity that caused the event to be
generated. For example, a file or a record within a database
TargetLocationAddress
The address of service that was the
target of activity that caused the event to be
generated.
TargetServiceType
An optional list of the supported functions
provided by the target
TargetAuthAuthority
The Authentication Authority that was the target of
the event
TargetPrincipalName
The username associated with the target process
TargetPrincipalID
The UID associated with the target process
PtrToSourceDomain
For an imported record, the pointer to the
original record within the originating domain
SourceSpecificInformation
Information that is specific to the source of the event.
For example, if the record
originated from syslog, then this field would
contain the level and facility of the syslog message
EventSpecificInformation
The event specific information recorded for the record.
The size of this field depends on
the maximum record size supported by the
target database
Arguments
conn
(Input) A database connection that was returned
by a previous call to
dbConnect(3dba).
name
(Input) The name of the table to be created.
Return values
If successful, dbCreateTable returns 0.
Otherwise, it returns -1.
Diagnostics
An application can call
dbGetError(3dba)
to obtain the error message returned from the database.