Limitations of the audit trace

The audit trace has the following additional limitations:

• The audit trace must be turned on; it is not on by default.
• The trace does not record old data after it is changed.
• If an agent or transaction accesses a table more than once in a single unit of recovery, the audit trace records only the first access.
• The audit trace does not record accesses if you do not start the audit trace for the appropriate class of events.
• Except class 8, the audit trace does not audit certain utilities. For example, the trace audits the first access of a table with the LOAD utility, but it does not audit access by the COPY, RECOVER, and REPAIR utilities. The audit trace does not audit access by stand-alone utilities, such as DSN1PRNT.
• The trace audits only the tables that you specifically choose to audit.
• You cannot audit access to auxiliary tables.
• You cannot audit the catalog tables because you cannot create or alter catalog tables.

This auditing coverage is consistent with the goal of providing a moderate volume of audit data with a low impact on performance. However, when you choose classes of events to audit, consider that you might ask for more data than you are willing to process.