Audit logs

IBM® Db2® Data Management Console supports audit logging. The audit settings can be enabled or disabled using RESTful API.

Audit event types

The following event types are logged as audit records.
  • All successful and unsuccessful login attempts
  • All logoff attempts
  • Attempts to perform unauthorized functions
  • Activities performed by admin accounts
  • Attempts to update console settings
  • Connection profile privilege management audit

Audit storage methods

Audit records can be either stored in the Db2 Data Management Console's repository or in the installed server's file system.
  • Audit records are stored in the repository with the table named AUDIT_LOG (Default). The table AUDIT_LOG, has two columns namely TIMESTAMP which is the timestamp in milliseconds since Jan 1 00:00, 1970 and LOG which is the audit record.
  • Audit records are stored in the file system with the name audit.* under <dmc installation dir>/logs directory.

Audit APIs

You can view and update audit settings using APIs. The settings are saved in the repository table named AUDIT_CONFIG. Audit settings are configured dynamically, and are effective when the API is called successfully.

Audit setting APIs are available in two groups, one group is to return or update settings individually and the other group is to return or update settings collectively or as a whole.

By default, when the Audit APIs are called, the console uses the repository connection credential to perform Auditing actions. If additional security is added to SELECT or UPDATE of AUDIT_CONFIG table, and the credential used is different from the repository connection credential, then, an optional input parameter to the API can be used to pass in the security credential.