Auditing for the RACF access control module

The RACF access control module provides RACF resource profiles to check authorization for Db2 privileges and authorities.

RACF resource profiles represent the various Db2 privileges. You can use the RACF auditing tools to extract the information that you need.

You can use the SMF data unload utility or the RACF report writer to extract and format the SMF records. When the RACF access control module uses a RACROUTE REQUEST=FASTAUTH request to create an audit record, the record contains log string data that includes additional diagnosis information described in Using log string data. You can use the log string information to link Db2 trace record IFCID 314 and a corresponding RACF SMF record.

In addition, you can use the RACF informational messages. For more information, see RACF informational messages.