AUDIT_JOURNAL_CA (Authority Changes) table function

The AUDIT_JOURNAL_CA table function returns rows from the audit journal that contain information from the CA (Authority Changes) journal entries.

Every audit journal table function shares a common authorization requirement and a common set of parameters. These are described in AUDIT JOURNAL table function common information.

The result of the function is a table containing rows with the format shown in the following table. All the columns are nullable.

Table 1. AUDIT_JOURNAL_CA table function
Column Name	Data Type	Description
The first columns returned by this table function are from the common audit journal entry header. See Common columns returned from the audit journal entry header for the column definitions. After the common columns are the following columns that describe the entry specific data for the CA audit journal entry.
OBJECT_LIBRARY	VARCHAR(10)	The name of the library containing the object. Contains the null value if there is no library name.
OBJECT_NAME	VARCHAR(10)	The name of the object. Contains the null value if there is no object name.
OBJECT_TYPE	VARCHAR(7)	The type of the object. Contains the null value if there is no object type.
OBJECT_ATTRIBUTE	VARCHAR(10)	The attribute for the object type. Contains the null value if there is no object attribute.
OBJECT_ASP_NAME	VARCHAR(10)	The name of the auxiliary storage pool (ASP) in which OBJECT_NAME resides. A value of *SYSBAS indicates the system ASP and all basic user ASPs.
OBJECT_ASP_NUMBER	INTEGER	The number of the auxiliary storage pool to which storage for OBJECT_NAME is allocated. 1 indicates the system ASP.
FIELD_NAME	VARCHAR(10)	The system name of the column. Contains the null value if the authority is not related to a column or the column name is not available.
COMMAND_TYPE	VARCHAR(9)	The type of command used. GRANT Grant GRTUSRAUT GRTUSRAUT operation REPLACE Grant with replace REVOKE Revoke
USER_PROFILE_NAME	VARCHAR(10)	The name of the user profile whose authority is being granted or revoked. Contains the null value if a user profile is not being changed.
AUTHORIZATION_LIST_MANAGEMENT	VARCHAR(3)	Indicates whether authorization list management (*AUTLMGT) authority is granted or revoked. NO The authority is not changed. YES The authority might have changed.
OBJECT_EXCLUDE	VARCHAR(3)	Indicates whether exclude (*EXCLUDE) authority is granted or revoked. NO The authority is not changed. YES The authority might have changed.
OBJECT_OPERATIONAL	VARCHAR(3)	Indicates whether object operational (*OBJOPR) authority is granted or revoked. NO The authority is not changed. YES The authority might have changed.
OBJECT_MANAGEMENT	VARCHAR(3)	Indicates whether object management (*OBJMGT) authority is granted or revoked. NO The authority is not changed. YES The authority might have changed.
OBJECT_EXISTENCE	VARCHAR(3)	Indicates whether object existence (*OBJEXIST) authority is granted or revoked. NO The authority is not changed. YES The authority might have changed.
OBJECT_ALTER	VARCHAR(3)	Indicates whether object alter (*OBJALTER) authority is granted or revoked. NO The authority is not changed. YES The authority might have changed.
OBJECT_REFERENCE	VARCHAR(3)	Indicates whether object reference (*OBJREF) authority is granted or revoked. NO The authority is not changed. YES The authority might have changed.
DATA_READ	VARCHAR(3)	Indicates whether data read (*READ) authority is granted or revoked. NO The authority is not changed. YES The authority might have changed.
DATA_ADD	VARCHAR(3)	Indicates whether data add (*ADD) authority is granted or revoked. NO The authority is not changed. YES The authority might have changed.
DATA_UPDATE	VARCHAR(3)	Indicates whether data update (*UPD) authority is granted or revoked. NO The authority is not changed. YES The authority might have changed.
DATA_DELETE	VARCHAR(3)	Indicates whether data delete (*DLT) authority is granted or revoked. NO The authority is not changed. YES The authority might have changed.
DATA_EXECUTE	VARCHAR(3)	Indicates whether data execute (*EXECUTE) authority is granted or revoked. NO The authority is not changed. YES The authority might have changed.
PREV_AUTHORIZATION_LIST_MANAGEMENT	VARCHAR(3)	Indicates whether the user previously had authorization list management (*AUTLMGT) authority. NO The user did not have this authority. YES The user had this authority. Contains the null value if the AUTHORIZATION_LIST_MANAGEMENT column is NO.
PREV_OBJECT_EXCLUDE	VARCHAR(3)	Indicates whether the user previously had exclude (*EXCLUDE) authority. NO The user did not have this authority. YES The user had this authority. Contains the null value if the OBJECT_EXCLUDE column is NO.
PREV_OBJECT_OPERATIONAL	VARCHAR(3)	Indicates whether the user previously had object operational (*OBJOPR) authority. NO The user did not have this authority. YES The user had this authority. Contains the null value if the OBJECT_OPERATIONAL column is NO.
PREV_OBJECT_MANAGEMENT	VARCHAR(3)	Indicates whether the user previously had object management (*OBJMGT) authority. NO The user did not have this authority. YES The user had this authority. Contains the null value if the OBJECT_MANAGEMENT column is NO.
PREV_OBJECT_EXISTENCE	VARCHAR(3)	Indicates whether the user previously had object existence (*OBJEXIST) authority. NO The user did not have this authority. YES The user had this authority. Contains the null value if the OBJECT_EXISTENCE column is NO.
PREV_OBJECT_ALTER	VARCHAR(3)	Indicates whether the user previously had object alter (*OBJALTER) authority. NO The user did not have this authority. YES The user had this authority. Contains the null value if the OBJECT_ALTER column is NO.
PREV_OBJECT_REFERENCE	VARCHAR(3)	Indicates whether the user previously had object reference (*OBJREF) authority. NO The user did not have this authority. YES The user had this authority. Contains the null value if the OBJECT_REFERENCE column is NO.
PREV_DATA_READ	VARCHAR(3)	Indicates whether the user previously had data read (*READ) authority. NO The user did not have this authority. YES The user had this authority. Contains the null value if the DATA_READ column is NO.
PREV_DATA_ADD	VARCHAR(3)	Indicates whether the user previously had data add (*ADD) authority. NO The user did not have this authority. YES The user had this authority. Contains the null value if the DATA_ADD column is NO.
PREV_DATA_UPDATE	VARCHAR(3)	Indicates whether the user previously had data update (*UPD) authority. NO The user did not have this authority. YES The user had this authority. Contains the null value if the DATA_UPDATE column is NO.
PREV_DATA_DELETE	VARCHAR(3)	Indicates whether the user previously had data delete (*DLT) authority. NO The user did not have this authority. YES The user had this authority. Contains the null value if the DATA_DELETE column is NO.
PREV_DATA_EXECUTE	VARCHAR(3)	Indicates whether the user previously had data execute (*EXECUTE) authority. NO The user did not have this authority. YES The user had this authority. Contains the null value if the DATA_EXECUTE column is NO.
AUTHORIZATION_LIST	VARCHAR(10)	The name of the authorization list that is being modified. Contains the null value if an authorization list is not being changed.
AUTHORIZATION_LIST_PUBLIC	VARCHAR(3)	Indicates whether authorization list (*AUTL public authority) authority has been granted or revoked. NO The authority is not changed. YES The authority might have changed.
PREV_AUTHORIZATION_LIST	VARCHAR(10)	The name of the previous authorization list. Contains the null value if an authorization list is not being changed.
PREV_AUTHORIZATION_LIST_PUBLIC	VARCHAR(3)	Indicates whether the user previously had authorization list (*AUTL public authority) authority. NO The user did not have this authority. YES The user had this authority. Contains the null value if the AUTHORIZATION_LIST_PUBLIC column is NO.
PERSONAL_STATUS_CHANGED	VARCHAR(3)	The personal status changed. NO The status did not changed. YES The status changed.
ACCESS_CODE_CHANGED	VARCHAR(6)	Whether the access code changed. ADD The access code was added. REMOVE The access code was removed. Contains the null value if the access code was not changed.
ACCESS_CODE	VARCHAR(4)	Access code. Contains the null value if the access code was not changed.
PATH_NAME	VARGRAPHIC(5000) CCSID 1200	The path name of the object. Contains the null value if the object name is not available or the object is not in the "root" (/), QOpenSys, or user-defined file systems.
PATH_NAME_INDICATOR	VARCHAR(3)	Path name indicator. NO The PATH_NAME column does not contain an absolute path name for the object, instead it contains a relative path name. The RELATIVE_DIRECTORY_FILE_ID can be used to form an absolute path name with this relative path name. YES The PATH_NAME column contains complete absolute path name for the object. Contains the null value if the object is not in the "root" (/), QOpenSys, or user-defined file systems.
RELATIVE_DIRECTORY_FILE_ID	BINARY(16)	When PATH_NAME_INDICATOR is NO, contains the file ID of the directory that contains the object identified in the PATH_NAME column. Contains the null value when PATH_NAME_INDICATOR is YES, or if the file ID is not available or the object is not in the "root" (/), QOpenSys, or user-defined file systems.
IFS_OBJECT_NAME	VARGRAPHIC(512) CCSID 1200	The name of the object. Contains the null value if the object name is not available or the object is not in the "root" (/), QOpenSys, or user-defined file systems.
OBJECT_FILE_ID	BINARY(16)	The file ID of the object. Contains the null value if the object is not in the "root" (/), QOpenSys, or user-defined file systems.
PARENT_FILE_ID	BINARY(16)	The file ID of the parent directory. Contains the null value if the file ID is not available or the object is not in the "root" (/), QOpenSys, or user-defined file systems.
OFFICE_USER	VARCHAR(10)	The name of the office user. Contains the null value if there is no office user.
OFFICE_ON_BEHALF_OF_USER	VARCHAR(10)	User working on behalf of another user. Contains the null value if the user name is not available.
DLO_NAME	VARCHAR(12)	The name of the document library object. Contains the null value if there is no document library object.
FOLDER_PATH	VARCHAR(63)	The path of the folder. Contains the null value if there is no folder path.

Example

List any files in APPLIB1 that had the ability to change data granted to them in the last week.


SELECT OBJECT_NAME, USER_PROFILE_NAME FROM TABLE(
   SYSTOOLS.AUDIT_JOURNAL_CA(
     STARTING_TIMESTAMP => CURRENT TIMESTAMP - 7 DAYS)
  )
  WHERE COMMAND_TYPE = 'GRANT' AND
   OBJECT_LIBRARY = 'APPLIB1' AND
   OBJECT_TYPE = '*FILE' AND
   (DATA_ADD = 'YES' OR DATA_UPDATE = 'YES' OR DATA_DELETE = 'YES');