Auditing Level Extension (QAUDLVL2)
The Auditing Level Extension (QAUDLVL2) system value is required when more than sixteen auditing values are needed.
Specifying *AUDLVL2 as one of the values in the QAUDLVL system value will cause the system to also look for auditing values in the QAUDLVL2 system value. You can specify more than one value for the QAUDLVL2 system value, unless you specify *NONE. For the QAUDLVL2 system value to take effect, the QAUDCTL system value must include *AUDLVL and the QAUDLVL system value must include *AUDLVL2.
*NONE | No auditing values are contained in this system value. |
*NOTAVL | This value is displayed to indicate that the system value is not available to the user because the user does not have either *AUDIT or *ALLOBJ special authority. The system value cannot be set to this value. |
*ATNEVT | Attention events are logged. |
*AUTFAIL | Authority failure events are logged. |
*CREATE | Object create operations are logged. |
*DELETE | Object delete operations are logged. |
*JOBBAS | Job base functions are audited. |
*JOBCHGUSR | Changes to a thread's active user profile or its group profiles are audited. |
*JOBDTA | Actions that affect a job are logged. *JOBDTA is composed of two values, which are *JOBBAS and *JOBCHGUSR, to enable you to better customize your auditing. If both of the values are specified, you will get the same auditing as if just *JOBDTA is speicified. |
*NETBAS | Network base functions are audited. |
*NETCLU | Cluster and cluster resource group operations are audited. |
*NETCMN | Network and communication functions are audited.
*NETCMN is composed of several values to allow you to better customize your auditing. The following values make up *NETCMN: *NETBAS
*NETCLU *NETFAIL *NETSCK |
*NETFAIL | Network failures are audited. |
*NETSCK | Socket tasks are audited. |
*OBJMGT | Object move and rename operations are logged. |
*OFCSRV | Changes to the system distribution directory and office mail actions are logged. |
*OPTICAL | Use of Optical Volumes is logged. |
*PGMADP | Obtaining authority from a program that adopts authority is logged. |
*PGMFAIL | System integrity violations are logged. |
*PRTDTA | Printing a spooled file, sending output directly to a printer, and sending output to a remote printer are logged. |
*PTFOBJ | Changes to PTF objects are logged. |
*PTFOPR | PTF operations are logged. |
*SAVRST | Restore operations are logged. |
*SECCFG | Security configuration is audited. |
*SECDIRSRV | Changes or updates when doing directory service functions are audited. |
*SECIPC | Changes to interprocess communications are audited. |
*SECNAS | Network authentication service actions are audited. |
*SECRUN | Security run time functions are audited. |
*SECSCKD | Socket descriptors are audited. |
*SECURITY | Security-related functions are logged. *SECURITY is composed of several values to allow you to better customize your auditing. The following values make up *SECURITY: *SECCFG
*SECDIRSRV *SECIPC *SECNAS *SECRUN *SECSCKD *SECVFY *SECVLDL |
*SECVFY | Use of verification functions are audited. |
*SECVLDL | Changes to validation list objects are audited. |
*SERVICE | Using service tools is logged. |
*SPLFDTA | Actions performed on spooled files are logged. |
*SYSMGT | Use of systems management functions is logged. |