AUDIT_JOURNAL_PA (Program Adopt) table function

The AUDIT_JOURNAL_PA table function returns rows from the audit journal that contain information from the PA (Program Adopt) journal entries.

Every audit journal table function shares a common authorization requirement and a common set of parameters. These are described in AUDIT JOURNAL table function common information.

The result of the function is a table containing rows with the format shown in the following table. All the columns are nullable.

Table 1. AUDIT_JOURNAL_PA table function
Column Name Data Type Description
The first columns returned by this table function are from the common audit journal entry header. See Common columns returned from the audit journal entry header for the column definitions. After the common columns are the following columns that describe the entry specific data for the PA audit journal entry.
ENTRY_TYPE CHAR(1) The type of entry.
A
Change program to adopt owner's authority.
J
Java program adopts owner's authority.
M
Change object's SETUID, SETGID, or restricted rename and unlink mode indicator.
ENTRY_TYPE_DETAIL VARCHAR(200) Descriptive text that corresponds to the entry type.
OBJECT_LIBRARY VARCHAR(10) The name of the library containing the program.

Contains the null value if ENTRY_TYPE is J or if there is no library name.
OBJECT_NAME VARCHAR(10) The name of the program.

Contains the null value if ENTRY_TYPE is J or if there is no program name.
OBJECT_TYPE VARCHAR(7) The type of the object.

Contains the null value if there is no object type.
OBJECT_OWNER VARCHAR(10) The owner of the object.

Contains the null value if there is no object owner.
PRIMARY_GROUP VARCHAR(10) The name of the primary group.

Contains the null value if there is no primary group.
OBJECT_ASP_NAME VARCHAR(10) The name of the auxiliary storage pool (ASP) in which the object resides. A value of *SYSBAS indicates the system ASP and all basic user ASPs.
OBJECT_ASP_NUMBER INTEGER The number of the ASP device. 1 indicates the system ASP.
PATH_NAME VARGRAPHIC(5000) CCSID 1200 The path name of the object.

Contains the null value if the path name is not available or the object is not in the "root" (/), QOpenSys, or user-defined file systems.
PATH_NAME_INDICATOR VARCHAR(3) Path name indicator.
NO
The PATH_NAME column does not contain an absolute path name for the object, instead it contains a relative path name. The RELATIVE_DIRECTORY_FILE_ID can be used to form an absolute path name with this relative path name.
YES
The PATH_NAME column contains complete absolute path name for the object.

Contains the null value if the object is not in the "root" (/), QOpenSys, or user-defined file systems.
RELATIVE_DIRECTORY_FILE_ID BINARY(16) When PATH_NAME_INDICATOR is NO, contains the file ID of the directory that contains the object identified in the PATH_NAME column.

Contains the null value when PATH_NAME_INDICATOR is YES, or if the file ID is not available or the object is not in the "root" (/), QOpenSys, or user-defined file systems.
IFS_OBJECT_NAME VARGRAPHIC(512) CCSID 1200 The name of the object.

Contains the null value if the object name is not available or the object is not in the "root" (/), QOpenSys, or user-defined file systems.
OBJECT_FILE_ID BINARY(16) The file ID of the object.

Contains the null value if the object is not in the "root" (/), QOpenSys, or user-defined file systems.
PARENT_FILE_ID BINARY(16) The file ID of the parent directory.

Contains the null value if the file ID is not available or the object is not in the "root" (/), QOpenSys, or user-defined file systems.
SET_EFFECTIVE_USER_ID VARCHAR(3) The current set effective user ID (SETUID) mode indicator.
NO
The SETUID mode bit is not on for the object.
YES
The SETUID mode bit is on for the object.

Contains the null value if the information is not available.
SET_EFFECTIVE_GROUP_ID VARCHAR(3) The current set effective group ID (SETGID) mode indicator.
NO
The SETGID mode bit is not on for the object.
YES
The SETGID mode bit is on for the object.

Contains the null value if the information is not available.
RESTRICT_RENAME_AND_UNLINK VARCHAR(3) The current restricted rename and unlink (ISVTX) mode indicator.
NO
The ISVTX mode bit is not on for the object.
YES
The ISVTX mode bit is on for the object.

Contains the null value if the information is not available.
PREV_SET_EFFECTIVE_USER_ID VARCHAR(3) The previous set effective user ID (SETUID) mode indicator.
NO
The SETUID mode bit was not on for the object.
YES
The SETUID mode bit was on for the object.

Contains the null value if the information is not available.
PREV_SET_EFFECTIVE_GROUP_ID VARCHAR(3) The previous set effective group ID (SETGID) mode indicator.
NO
The SETGID mode bit was not on for the object.
YES
The SETGID mode bit was on for the object.

Contains the null value if the information is not available.
PREV_RESTRICT_RENAME_
AND_UNLINK
 VARCHAR(3) The previous restricted rename and unlink (ISVTX) mode indicator.
NO
The ISVTX mode bit was not on for the object.
YES
The ISVTX mode bit was on for the object.

Contains the null value if the information is not available.

Example

  • Find any programs that were changed to adopt the program owner's authority in the last month.
    
SELECT OBJECT_LIBRARY, OBJECT_NAME, OBJECT_TYPE, OBJECT_OWNER FROM TABLE(
  SYSTOOLS.AUDIT_JOURNAL_PA(  
      STARTING_TIMESTAMP => CURRENT DATE - 1 MONTH
  )
) WHERE ENTRY_TYPE = 'A';