IFCID140: Audit Authorization Failures

Fields

AUTH CHECKED

The authorization ID that is being checked.

Field Name: QW0140UR

AUTHID TYPE

The authorization ID type.

Field Name: QW0140AT

REASON

The user-defined reason code from the access control authorization exit routine.

Field Name: QW0140RS

STATMNT LENGTH

The length of the failing SQL statement plus 4. It has a value of zero if no SQL statement exists.

Field Name: QW0140LL

RETCOD

The return code from the access control authorization exit routine.

Field Name: QW0140RC

PRIV CHECKED

The privilege that is being checked. It can have the following values:

• ALL ON PACKAGES
• ALLPKAUT
• ALTER
• ALTER BUFFERPOOL
• ALTER INDEX
• ALTERIN
• ARCHIVE
• BIND ADD
• BIND, REBIND OR FREE
• BINDAGENT
• CHECK DATA UTILITY
• CHECK UTILITY
• COMMENT ON
• COMMENT ON INDEX
• COPY
• COPY PACKAGE
• CREATE ALIAS
• CREATE GLOBAL TEMPORARY TABLE (CREATETMTAB)
• CREATE IN
• CREATE INDEX
• CREATE SECURE OBJECT
• CREATE STOGROUP
• CREATE SYNONYM
• CREATE TABLE
• CREATE TABLESPACE
• CREATE VIEW
• CREATEDBA
• CREATEDBC
• CREATEIN
• DBADM
• DBCTRL
• DBMAINT
• DDF COMMAND - START, STOP, OR CANCEL
• DEBUG SESSION
• DELETE
• DESCRIBE TABLE
• DIAGNOSE UTILITY
• DISPLAY
• DISPLAY ARCHIVE
• DISPLAY BUFFERPOOL
• DISPLAY DATABASE
• DISPLAY PROFILE
• DISPLAY RLIMIT
• DISPLAY THREAD OR DISPLAY DB
• DISPLAY UTILITY
• DROP
• DROP ALIAS
• DROP INDEX
• DROP SYNONYM
• DROPIN
• EXECUTE
• EXPLAIN
• EXPLAIN MONITOR
• EXPLICIT QUALIFIER USE
• INSERT
• LOAD
• LOCK TABLE
• MERGECOPY UTILITY
• MLS READWRITE
• MODIFY UTILITY
• MONITOR1
• MONITOR2
• OTHER
• PACKADM
• QUERY TUNING
• QUIESCE UTILITY
• READ
• RECOVER (UTILITY)
• RECOVER BSDS
• RECOVER INDOUBT
• REFERENCES
• RENAME INDEX
• RENAME TABLE
• REORG
• REPAIR
• REPAIR DBD UTILITY
• REPORT UTILITY
• RUNSTATS UTILITY
• SECADM
• SELECT
• SET ARCHIVE
• SQLADM
• START
• START DATABASE
• START DB2, STOP DB2, START DB(*) OR STOP DB(*)
• START PROFILE
• START RLIMIT
• STOP
• STOP DATABASE
• STOP OR START TRACE
• STOP PROFILE
• STOP RLIMIT
• STOSPACE UTILITY
• SUBPKAUT
• SYSADM
• SYSCTRL
• SYSOPR
• SYSOPR SYSCTRL SYSADM SECADM
• TERM UTILITY
• TERMINATE UTILITY ON DATABASE
• TRIGGER
• UPDATE
• USAGE
• USE
• VALIDATE SECLABEL
• WRITE

Field Name: QW0140PR

OBJECT

The object type. N/A is printed if there is no object type. OBJECT can have the following values:

• ACEE
• APPLICATION PLAN
• BUFFERPOOL
• COLLECTION
• DATABASE
• DISTINCT TYPE
• FUNCTION
• SESSION VARIABLE
• JAR
• PACKAGE
• PROCEDURE
• ROLE
• ROW
• SCHEMA
• SEQUENCE
• STORAGE GROUP
• TABLE OR VIEW
• TABLESPACE
• TRUSTED CONTEXT
• USER AUTH (System privileges, such as SYSADM or SYSOPR)
• N/A

Field Name: QW0140OB

OPTIONS

The options that are used in the host to check the SQL statement. The bits of this field are used as indicators. If all bits are 0, the statement is not an SQL statement. OPTIONS has the following values:

• Bit 1 Host language character string delimiter
  • 0 Apostrophe
  • 1 Quote
• Bit 2 Decimal point symbol
  • 0 Period
  • 1 Comma
• Bit 3 SQL character string delimiter
  • 0 Apostrophe
  • 1 Quote
• Bit 4 Mixed character string indicator
  • 0 No
  • 1 Yes
• Bit 5 Host language options indicator
  • 0 Do not use host language options
  • 1 Use host language options
• Bits 6 to 8 Host language indicator
  • 001 Assembler
  • 010 COBOL
  • 011 PL/I
  • 100 None - Dynamic SQL
  • 101 FORTRAN
  • 110 COBOL II
  • 111 Null - See bits 17 to 24 for the language
• Bits 9 to 16 Character set that is being used
  • 00000000 Alphanumeric
  • 00000001 Katakana
• Bits 17 to 24 Alternate host language field
  • B Assembler
  • C COBOL
  • P PL/I
  • F Fortran 2
  • 2 COBOL II
  • 3 IBM® COBOL
  • 4 C++
  • D C
• Bits 25 to 28 Time option
  • 0000 None
  • 1000 Local
  • 0100 JIS
  • 0010 ISO/EUR
  • 0001 USA
• Bits 29 to 32 Date option
  • 0000 None
  • 1000 Local
  • 0100 EUR
  • 0010 ISO/JIS
  • 0001 USA
• Bit 33 Decimal
  • 0 No
  • 1 Yes
• Bits 34 to 40 Unused
• Bits 41 to 48 Remote option
  • 00000001 SQL(ALL)
  • 00000010 SQL(Db2)
• Bits 49 to 56 SQL flag option
  • 00000000 No SQLFLAG option
  • 00000001 SQLFLAG(SAA)

Field Name: QW0140HO

SOURCE OBJECT

The source object name.

Field Name: QW0140SN

SOURCE OWNER

The source object owner.

Field Name: QW0140SC

TARGET OBJECT

The target object name.

Field Name: QW0140TN

TARGET OWNER

The target object owner.

Field Name: QW0140TC

SQL STMT

The SQL statement text. Long SQL text can be truncated.

Field Name: QW0140TX

ACEE UTOKEN

Shows the ACEE UTOKEN, if it is available. If it is not available, the first word of this field contains one of the following values:

• UNABLE TO GET TOKEN
• ABEND ACCESSING ACEE

Field Name: QW0140UT

RID OF ROW

Shows the row ID (RID) of the row that is updated or deleted if the table has multilevel security.

Field Name: QW0140ID

SECLABEL OF ROW

Shows the security label of the row for a table with multilevel security.

Field Name: QW0140RL