Security Audit files (.AUD) for GRC Action usage

Good Day
I need some advise regarding the security audit files for GRC on the HR System.
Our basis team is concerned that the security audit files are filling up the file system in the HR system. I assume these are for Action Usage.
I would like to get a view of what other companies are doing to sort this out.
Can these .AUD files be deleted or what?
Your advise would highly be appreciated.
Regards
Mustafa

your question has nothing to do with Oracle. Maybe that SAP on Linux is the better forum for it.

Similar Messages

  • Sequential file naming for repeating action on same file

    I need to export all the hands of a clock to animate the individual hour and minute hands in the software I'm using. So, I'm trying to set up an automated process to save 60 clock hands so that I don't have to do this manually for all future clock designs by doing rotate, save, rotate, save....
    I have an action to rotate 6 degrees, and save. This works. I don't know how to automate this to repeat 60 times, other than nesting it in a folder. Problem is, that each time the first action to Rotate and Save plays, it saves over the last file with the same filename I used when recording the action.
    OR, if I use the Export function (to save a PNG, which is ultimately what I need, and not an AI), it doesn't work at all (nothing gets saved) unless I turn on the Dialogue option for the export step, and click through the screen manually to OK the filename and settings. Surely there's a way to just make it save with the default and work?
    Thanks in advance.

    Hi PrePressPro, thanks for taking the time to outline that for me. But, when I duplicate the arrow through Effects, I can't separate the arrows. It's like one big 60-arrowed shape that I can't ungroup, and I need to be able to export each arrow individually. Though I don't know why I need to focus on drawing all 60 arrows, I already have an action to rotate my one arrow into every position it needs to be and then Export. Either way, my action needs to Export, and it's not working.
    I don't know why the Export doesn't work, I'm even prepared to set up 60 actions so that I can custom change the name of each export to 1, 2, 3, etc... and then I Play the folder. I've set up the first 10 steps. But as you can see below, though everything is set up, it won't Export unless I turn on the Dialogue option next to Export. Which shows me first the Export screen asking me to confirm the filename, and then it shows me the PNG options screen. It should work without Dialogue turned on!

  • Security audit log for the last 30 days?

    Hi,
    My current settings for the security audit log is 20 MB (by default).  I dont want to control it with file size limitation, but by the no. of days the audit is recorded (max 30 days).
    What are the parameters that I would need to maintain?
    Or any additinal config is required?
    Thanks,
    Abdul

    Hi,
    My current configuration is like this:
    Name                Description                                           Current value                                            System default value
    FN_AUDIT     Name of security audit file          audit_++++++++
    DIR_AUDIT     Directory for security audit files     /usr/sap/GSP/DVEBMGS00/log     /usr/sap/GSP/D00/log
    rsau/enable     Enable Security Audit          0
    rsau/max_diskspace/local     Maximum space for security audit file     300M     20M
    rsau/max_diskspace/per_day     Maximum size of all security audit files per day          0
    rsau/max_diskspace/per_file     Maximum size of one single security audit file          0
    rsau/selection_slots     Number of selection slots for security audit          2
    rsau/user_selection     Defines the user selection method used inside kernel functions          0
    I have just activated the audit, and in just 30 minutes, I can see that the file is about 45MB.  If this is the growth rate, the 300MB allocated for audit will completely used in just a day.
    My requirement is - I want to track users and their activities for the last 30 days (or 45 days).  No log should be overwritten unless it is atleast 30 days old.
    In SM20, when I give selection from 1.1.10 to 31.1.10, it should show me all the activities during this period, without any breaks.
    Other doubts: Do I have to start auditing manually every day?  Or will it keep writing logs until it reaches 300 MB which can spread upto multiple days.
    Regards
    Abdul
    Edited by: Abdul Rahim Shaik on Feb 4, 2010 11:17 AM

  • SM19 - Security Audit Log

    Hello,
    I have activated Security Audit Log through SM19.
    When I check the Parameters, I can see
    rsau/max_diskspace/local                           = 20M
    (Maximum space for security audit file)
    1. My question is if the collective size of security Audit files exceeds 20M, which file will SAP delete? or rather what is the exact course of action that SAP would take?
    2. In my system, Parameter rsau/enable = 0 (Enable Security Audit)
    But still the audit logs are getting generated.
    So does '0' signify Enabled?
    Thanks.

    I think your answer can be found in [this thread|Re: Security Audit Log FULL. What happens??;
    Kind regards,
    Lodewijk

  • Cannot open audit file

    Hello Friends,
    As a part of re-platform activity our production application servers are moved from AIX to Windows operating system. But CI is still in AIX.
    From the next day of re-platform activity we are getting the SM21 error log as "Cannot open audit file: /migrate/<SID>/audit/log\<DATE>.AUD. This log is generating only on Windows application servers and not on CI(AIX).
    All the file systems are properly mounted from AIX to Windows.
    DIR_AUDIT parameter value also maintained in default profile as /migrate/<SID>/audit/log
    Can any one please suggest
    Thanks in advance,
    Mahi.

    Hi ,
    Some parameters which might help you for this"
    Name Description
    FN_AUDIT                Name of security audit file audit_++++++++
    DIR_AUDIT                Directory for security audit files
    *rsau/enable                Enable Security Audit*
    rsau/max_diskspace/local      Maximum space for security audit file
    rsau/max_diskspace/per_day      Maximum size of all security audit files per day
    rsau/max_diskspace/per_file      Maximum size of one single security audit file
    rsau/selection_slots           Number of selection slots for security audit
    rsau/user_selection           Defines the user selection method used inside kernel functions
    Also refer to the SAP Note:: 539404 - FAQ: Answers to questions about the Security Audit Log
    Please do the cross check of the related param's and also check the SAP note which might be very helpful.
    Regards,
    Sanjeev Nagalikar

  • I can't activate/deactivate Security Audit via SM19.

    Hi everyone,
    I can't activate/deactivate Security Audit via SM19.
    I tried to activate the security audit but the program has aborted. The Current File Size is 977kb vs Maximum File Size of 976kb. I run SM18 to initialize the log but the activation has aborted once again. The File Size remains at 977kb.
    Thanks,
    Kiko

    Hi,
    Please check the following profile parameters...
    DIR_AUDIT                              
    Directory for security audit files     
    FN_AUDIT                               
    Name of security audit file            
    rsau/enable                            
    Enable Security Audit                  
    rsau/max_diskspace/local               
    Maximum space for security audit file  
    rsau/max_diskspace/per_day             
    Maximum size of all security audit files
    rsau/max_diskspace/per_file            
    Maximum size of one single security audi
    rsau/selection_slots                   
    Number of selection slots for security a
    rsau/user_selection                    
    Defines the user selection method used
    Regards
    Ben

  • Security Audit Log Profile Parameter

    Hello People,
    I have been trying to find some information about the System Profile Parameters that are required for Security Audit Logs.
    Can someone please explain what the parameter rsau/max_diskspace/per_day means? All that the SAP documentation says is that it is the Maximum size of all security audit files per day
    My understanding was that the audit files are stored on the application server itself and only 1 file is generated everyday. How then, is this parameter used?
    Regards
    Joy

    Hi Joy,
    I do not think this parameter should have any adverse effect. Depends on your server's hard disk space availability.
    rsau/max_diskspace/local gives space for a single security audit file. When we say that rsau/max_diskspace/per_day
    gives space for all, by my understanding we are limiting the total space that these files can take up.
    The max size of single audit file is 2GB and total space for all i.e. rsau/max_diskspace/per_day is 1024 GB
    When maximum space limit is reached, logging terminated. Next day new file is created.
    Couldn't find more explanation.
    regards, Sean.

  • Security Audit Log - Different Files

    Hello gurus,
    I configured the security audit log of the AS java in our portal system.
    But i want a dynamic configuration like SM20 - SM19 in R/3 systems. I want to have audit<the date>.log file format. For
    example audit041608.log for 04.16.2008
                 audit041708.log for 04.17.2008
    Is this possible?
    <removed_by_moderator>
    Best regards
    Tolga
    Edited by: Julius Bussche on Apr 16, 2008 2:43 PM

    Thanks for your answer.
    I think I am misunderstood or I am misunderstanding
    Let me explain a little bit more;
    I am trying to configure secaudit in our portal system and configure it in  such a way that the logs will
    be stored in secaudit log files day by day.
    I configured secaudit as a seperate file but after the size limit,
    it clears the logfile and starts to write on the same logfile.
    We could do this by adding a profile parameter;
    "FN_AUDIT = <SID>_<Instance_No>_audit_++++++++.AUD" in R/3 system.
    But how can i do this in a portal system if it is possible?
    Best regards
    Tolga
    Edited by: Tolga Akinci on Apr 17, 2008 4:24 PM

  • Can oracle audit logs keep info of Blocking or blacklisting a user ID, terminal or access port, and the reason for the action?

    Hello,
    I am workin on Oracle 11G STIGs and one STIGs states that audit log should include followings;
    - User ID.
    - Successful and unsuccessful attempts to access security files
    - Date and time of the event.
    - Type of event.
    - Success or failure of event.
    - Successful and unsuccessful logons.
    - Denial of access resulting from excessive number of logon attempts.
    - Blocking or blacklisting a user ID, terminal or access port, and the reason for the action.
    - Activities that might modify, bypass, or negate safeguards controlled by the system.
    I know how to enable audit trial with OS or DB, EXTENDED levels.  However, I could not find if it is possible that audit logs can contain info of Blocking or blacklisting a user ID, terminal or access port, and the reason for the action.

    2687254 wrote:
    Hello,
    I am workin on Oracle 11G STIGs and one STIGs states that audit log should include followings;
    - User ID.
    - Successful and unsuccessful attempts to access security files
    - Date and time of the event.
    - Type of event.
    - Success or failure of event.
    - Successful and unsuccessful logons.
    - Denial of access resulting from excessive number of logon attempts.
    - Blocking or blacklisting a user ID, terminal or access port, and the reason for the action.
    - Activities that might modify, bypass, or negate safeguards controlled by the system.
    I know how to enable audit trial with OS or DB, EXTENDED levels.  However, I could not find if it is possible that audit logs can contain info of Blocking or blacklisting a user ID, terminal or access port, and the reason for the action.
    Think about that.  If the port or terminal (client ip address) is blocked, then the communication never got to the database.  So how would the database be able to audit an action that never got there?

  • Consultancy Services for RAC installation and  Internet Security Audit

    Dear All,
    "Warm greetings from Venkatesh"
    We are proud to announce that, we have started a leading Database, Networking and Internet security Consulting organization at PUNE with a global presence through which we offers a focused, Excellence Solutions for Database, Networking and internet security for vulnerabilities and ethical hacking to the organizations to achieve a sustainable performance and results, and to contribute to the delivery of Quality Product, Solutions and Services to transform the human lives every day.
    We offer a customized Consulting and Corporate Training Services at competitive sizes of organization in all major verticals for Performance Excellence as under with six months maintenance support after RAC installation
    Design and Implementation of Oracle RAC (Real Application Cluster)
    - Oracle solution for High Availability & Grid Computing
    - Versions: Oracle 10gR2, 11gR1 & 11gR2
    - Operating System: Linux, Windows, Solaris, AIX
    - Storage: ASM, OCFS2
    - ASM Cluster File System (ACFS) in Oracle 11gR2
    - Building RAC setup in VMware Environment
    - Feature: Load Balancing, Failover, Dynamic addition of Nodes to Grid
    Design and Implementation of Oracle Data Guard
    - Oracle solution for Disaster Management
    - Primary & Secondary Sites
    - Logical & Physical Standby Database
    Internet Security Audit for Vulnerabilities and Ethical Hacking
    - Penetration testing
    - Source code audit
    - Information security training
    - Website design and development
    - Data Centre audit
    - ISO 27701 consultancy
    We also offer Corporate Trainings for
    - Oracle RAC Administration
    - Automatic Storage Management (ASM)
    - Data Guard
    Please feel free to revert back for any queries.
    Regards
    Venkatesh
    mail: [email protected]
    Edited by: vjpune on Apr 17, 2010 4:44 AM

    Hi! keyur,
    Greetings from venkatesh
    Sorry for delay, i was busy with some assignments.
    Actually, we are consultancy service provider for those organization who needs to Install Oracle RAC server. We provide entire services i.e. from designing to implementation of RAC server, provide solution for load balancing, desaster management and so on.. what i had mention in the earlier post.
    Also we offer corporate training to the organization in RAC administration, ASM, Data Guard.
    I think this info will get you to understand our services..
    we welcome inquires if any from your end.
    Regards
    Venkatesh
    mail: [email protected]

  • Missing properties for ADMINS  group in security property file

    Hi,
    I'm getting the following error while trying to start the J2EE server
    how to overcome this
    SAP J2EE Engine Version 6.20 PatchLevel 67440.20 is starting...
    Loading: LogManager ...
    Loading: SystemThreadManager ...
    Loading: ThreadManager ...
    Loading: TimeoutManager ...
    Loading: MemoryManager ...
    Loading: PoolManager ...
    Loading: PolicyManager ...
    Loading: IpVerificationManager ...
    Loading: ClusterManager ...
    Loading: ClassLoaderManager ...
    Loading: SwapManager ...
    Loading: LockManager ...
    Loading: R3StartupManager ...
    Loading: ServiceManager ...
    Loading core services:
      Starting core service p4 ... done.
      Starting core service monitor ... done.
      Starting core service log ... done.
      Starting core service file ... done.
      Starting core service dbms ... done.
    ID000544: Error starting service security. Unexpected exception: java.lang.SecurityException: Missing properties for ADMINS group in security property file!!!
    [ServiceManager]: ID000544: Error starting service security. Unexpected exception: java.lang.SecurityException: Missing properties for ADMINS group in security property file!!!
    Exception in core service. Kernel not started.
    [ServiceManager]: * Exception in core service. Kernel not started.
    Loading: ServiceManager returned false!
    Kernel not loaded. System halted.
    Element 1779446621 disconnected.
    System Exception * Fail to start Naming. Exception is: java.lang.NullPointerException
    ThreadDeath catched in deploy when trying to start it. Rethrowning...
    [ServiceManager]: ThreadDeath catched in deploy when trying to start it. Rethrowning...
      Starting core service naming ... done.
    ThreadDeath catched in admin when trying to start it. Rethrowning...
    [ServiceManager]: ThreadDeath catched in admin when trying to start it. Rethrowning...
    Message was edited by: Lakshmi Manohar

    Hi,
    As I understand, you are using SharePoint designer worfklow on 2013 platform and you would like to edit cancelation email body for task process.
    From my experience, there is no OOB option for you to edit cancelation email body. Since workflow 2013 is different from 2010, task forms are auto-generated based upon a certain Content Type. As workaround, I'd recommend you using approval workflow on 2010
    platform. In addition, you could try codeplex 2013 approval workflow, please check the link below:
    http://sharepointwf.codeplex.com/
    More information:
    http://blogs.msdn.com/b/sharepointdesigner/archive/2012/09/14/how-to-manipulate-the-task-form-with-sharepoint-designer-for-new-task-actions.aspx
    http://msdn.microsoft.com/en-us/library/microsoft.sharepoint.workflowservices.activities.singletask.cancelationemailbody(v=office.15).aspx
    Regards,
    Rebecca Tu
    TechNet Community Support

  • Aliases of movie files in ~Movies/ for Front Row usage

    Hi everyone.
    In the first place I apologise for my bad English.
    I want one applescript for folder action wich will make an aliases of all movie files (.mov, .avi, .mpeg, .mpeg, .divx ,etc.) in freshly mounted CD/DVD/HD in ~Movies/ folder because I want to play those files in Front Row.
    Another Script is needed for deleting unwanted aliases upon unmounting that CD/DVD/HD.
    I figured out that all CD/DVD/HD are mounted in /Volumes folder, and I created such two scripts:
    On mounting drive:
    on adding folder items to this_folder after receiving these_items
    try
    tell application "Finder"
    make new alias file to these_items at "Macintosh HD:Users:USERNAME:Movies:" with properties {name:"Movie"}
    end tell
    end try
    end adding folder items to
    On unmounting drive:
    on removing folder items from this_folder after losing these_items
    try
    tell application "Finder"
    delete alias file "Macintosh HD:Users:USERNAME:Movies:Movie"
    end tell
    end try
    end removing folder items from
    I attached those two scripts as /Volumes folder action and they are working good, but there is a problem.
    When I mount CD, and then when I connect my iPod, alias of CD is moving to trash and new alias to iPod is created with same name. Also, when I connect iPod, and then CD and then I disconnect iPod alias to CD is moving to trash. ****, that's not quite what I am looking for.
    Apparently I have and idea, but I lack experience with applescript.
    Creating alias script should work like that:
    on mounting drive in filesystem
    1) Scanning about 2 levels for QT supported files
    2) Making alias to each movie file in those 2 levels in ~Movies/
    3) Adding constant Spotlight comment (for alias removing purposes in other script) to those alias files in ~Movies/
    Removing unwanted Aliases:
    on unmounting drive from filesystem
    1) Scanning ~Movies/ For alias files with constant spotlight comment
    2) removing those alias files (moving to trash preferably, for security purposes)
    This way script would make only good aliases, and there could be multiple drives mounting into system. Apparently, after unmounting any drive aliases with constant spotlight comment will be moved to trash, but I don't have any idea for that.
    Can someone help me?

    Hello imrik,
    Firstly, I don't use OSX myself, so the rest of this post is based upon my experience under OS9 and some knowledge from OSX documentations, etc.
    Folder Actions suite (terms for Folder Action's handler) is defined in StandardAdditions.osax, that is located at (probably):
    /Library/ScriptingAdditions/StandardAdditions.osax
    In brief, the dictionary states (under OS9):
    on adding folder items to fda after receiving aa
    -- fda is alias of the folder that receives new item(s)
    -- aa is list of aliase(s) the folder fda received
    end adding folder items to
    on removing folder items from fda after losing nn
    -- fda is alias of the folder that loses item(s)
    -- nn is list of aliase(s) or list of item name(s) the folder fda loses.
    end removing folder items from
    * Open the dictionary of the OSAX in Script Editor for more details.
    As far as I can tell (under OS9.1, AS1.8.3), 'removing folder items' handler always provides list of names that the folder loses, in spite of the description in OSAX dicitonary.
    I don't know the reason why 'removing folder items' handler provides {} in 'after losing' argument in your environment. It should provide list of names of unmounted volumes (unless '/Volumes/' directory is something so special as to deceive Folder Action Server in some way.)
    (Possibly your method to check the handler's arguments is not appropriate.)
    If you want to check the class of value/object in AppleScript, the proper way is to use a code such as SCRIPT1:
    -- SCRIPT1
    set x to (path to desktop) -- alias
    --set x to {1,2,3} -- list
    set c to class of x
    display dialog ("" & c) -- this will show class name string of x.
    return c -- this will return class of x in result window (when run in Script Editor).
    -- END OF SCRIPT1
    And to check the contents of value/object, you may try SCRIPT2 (for AppleScript's native value/object):
    -- SCRIPT2
    -- in target script (run in e.g. Applet or Folder Actions)
    set x to {1, 2, 3}
    tell application (path to frontmost application as text)
    activate
    set the clipboard to x
    end tell
    -- in checker script (run in Script Editor)
    set y to the clipboard
    return y -- y is given in result window of Script Editor.
    -- END OF SCRIPT2
    So as a whole, you may try something like SCRIPT3 as your test Folder Action and SCRIPT3A as its corresponding checker:
    -- SCRIPT3
    on adding folder items to fda after receiving aa
    tell application (path to frontmost application as text)
    activate
    set the clipboard to {fda, aa}
    display dialog ("" & (class of aa) & return & (class of (aa's item 1)))
    end tell
    end adding folder items to
    on removing folder items from fda after losing nn
    tell application (path to frontmost application as text)
    activate
    set the clipboard to {fda, nn}
    display dialog ("" & (class of nn) & return & (class of (nn's item 1)))
    end tell
    end removing folder items from
    -- END OF SCRIPT3
    -- SCRIPT3A (to be run in Script Editor)
    set y to the clipboard
    return y -- clipboard contents is displayed in result window of Script Editor.
    -- END OF SCRIPT3A
    That's all for now.
    Good luck,
    H
      Mac OS 9.1.x  

  • Getting error while opening a saved for later notification: The selected action is not available. The cause may be related to security. Contact your system administrator to verify your permission level for this action.

    Hi All,
    While opening a saved for later notification, we are getting "The selected action is not available. The cause may be related to security. Contact your system administrator to verify your permission level for this action". error.
    This is a custom notification.
    Please help.
    Thanks
    Raghava

    HI All,
    Please help on this issue.
    Thanks
    Raghava

  • Sequence of Installs of RTA and SCA files for GRC AC 5.3

    Hello,
    I would like to confirm the correct sequence of applying RTA and SCA files for GRC AC 5.3.
    On ABAP Stack
    1- Install VirsaNH RTA on ECC 6.0 System with SAINT
    2- Install VirsaHR RTA on ECC 6.0 system which has SAP_HR
    3- Install both VirsaNH RTA and VIRSAHR RTA on a system which is SAP HR
    4- Install VIRSANH RTA on BI System. (There is no need of VirsaHR on BI system)
    5- Install all Support Packages up to 10 or 11 for VIRSANH & VIRSAHR with SPAM
    Next
    On JAVA Stack
    6- Install
    VIRCC00_0.sca
    VIRAE00_0.sca
    VIRRE00_0.sca
    VIRFF00_0.sca
    7- Install VIRACLP00_0.sca
    8- Then install VIRACCNTNT.SAR
    9- Next install EP RTA VIREPRTA00_0.sca
    10- Install all Java patches for the above components
    Based on the above,
    a- Plz confirm if the above sequence is right.
    b- My question is can I install 6, 7,8, 9 with JSPM at once as one step?
    c- Also can I install SCA files with JSPM first and then install RTA files on ABAP stack later?
    d- Also we have BI system with ABAP & JAVA Stacks. Is VIRSANH sufficient for both ABAP & JAVA, or do we need an additonal RTA for BI JAVA ?
    Thanks for your valuable inputs in advance.
    Regards,
    Haleem

    Hi,
    > 1- What is the UME of your BI Java stack ?
    >
    > Answer: We have installed BI JAVA, EP, EP Core, so we use SSO with EP and BI ABAP. So the portal is UME for BI Java stack.
    >
    Check below link which will answer your queries:
    Java RTA for GRC 5.3
    > 2- Check SAP Note 1174625 - Access Control 5.3 Java Support Pack Installation
    >
    > I checked the note 1174625, which says the following
    >
    > All of the sap.com/grc files have to be undeployed except the db and dictionary files for each component. The files that are NOT to be undeployed are:
    >
    > - sap.com/grc/ccxsysdb
    > - sap.com/grc/aedict
    > - sap.com/grc/redictionary
    > - sap.com/grc/ffdb
    >
    > Since this is a GRC AC 5.3 install on a fresh Netweaver 7.0 EHP1 Java stack install, do I need to undeploy all the above components, before doing AC 5.3 install, as mentioned in the note.
    >
    This is used when you do upgrade your old GRC release to latest one. So if you are doing fresh install then you need not to do these steps.
    > 3- Also this note 1174625 answers to most of my questions, but does not mention anything about VIRACCNTNT.SAR.  Is >this SAR file installed on JAVA Stack or ABAP stack? Is there a OSS note on VIRACCNTNT.SAR?
    >
    This file contains Roles, Rules, functions for RAR, CUP, ERM etc. in txt files which you need to upload when you will do the configuration of GRC.
    Thanks
    Sunny

  • How to pass value for value field of return parameters for an action step in teststand sequence file programatically using c#

    I used a method LoadPrototypeFromMetaDataToken(token,options) to load the return type parameters. I am unable to set the value field in the return parameters for an action step in teststand sequence file programatically using C#.How can I do that.

    Continue here

Maybe you are looking for

  • New Photos update will not allow me to insert pictures in to iDVD? Please help

    When I open iDVD and look for photos it does not show anything even though I have photos in the new Photos program as well as the old version of iPhoto?  Please help!!!  I'm a photographer and videographer and am making a DVD of the video and photos

  • IPhoto will not open "version needs to be prepared"

    New computer running Mt Lion iphoto version 9.4.2 message on attempted opening states: "To open your library with this verion of i photo it first needs to be prepared"  Next message says this is not necessary if you are usiing version 5 or later. Thi

  • How to upload and download in BLOB?

    I tried webutil but is not working properly according to my needs is there any other way to upload and download files in BLOB? If any body knows solution please tell me. Regards,

  • Rule Base Engine

    Folks, In an enterprise system, the rules are variable in a year and they may change. The rules and data are somehow dynamic. The dynamic data exists in a RDBMS but about the rules, I want to put them in a Rule Base Engine. If they are hard coded, th

  • Servlets No-Worky

    Hello World! - I have an HP running HPUX 11i. Apache is working, but I can't get servlets working. I have been able to do a "java servlet_name" and get it to run, but I can't run them from the browser. The html code that calls the servlet is on the s