Audit record layout for VALIDATE events

The format of the audit record for VALIDATE events is shown in the following table.

Sample audit record:
timestamp=2007-05-07-10.30.51.585626;
category=VALIDATE;
audit event=AUTHENTICATION;
event correlator=1;
event status=0;
userid=newton;
authid=NEWTON;
execution id=gstager;
application id=*LOCAL.gstager.070507143051;
application name=db2bp;
auth type=SERVER;
plugin name=IBMOSauthserver;
Table 1. Audit Record Layout for VALIDATE Events
NAME FORMAT DESCRIPTION
Timestamp CHAR(26) Date and time of the audit event.
Category CHAR(8) Category of audit event. Possible values are:
   VALIDATE
Audit Event VARCHAR(32) Specific Audit Event.

Possible values include: GET_GROUPS, GET_USERID, AUTHENTICATE_PASSWORD, VALIDATE_USER, AUTHENTICATION and GET_USERMAPPING_FROM_PLUGIN.

Event Correlator INTEGER Correlation identifier for the operation being audited. Can be used to identify what audit records are associated with a single event.
Event Status INTEGER Status of audit event, represented by an SQLCODE where
   Successful event > = 0
   Failed event < 0
Database Name CHAR(8) Name of the database for which the event was generated. Blank if this was an instance level audit event.
User ID VARCHAR(1024) User ID at time of audit event.
Authorization ID VARCHAR(128) Authorization ID at time of audit event.
Execution ID VARCHAR(1024) Execution ID in use at the time of the audit event.
Origin Node Number SMALLINT Member number at which the audit event occurred.
Coordinator Node Number SMALLINT Member number of the coordinator member.
Application ID VARCHAR(255) Application ID in use at the time the audit event occurred.
Application Name VARCHAR(1024) Application name in use at the time the audit event occurred.
Authentication Type VARCHAR(32) Authentication type at the time of the audit event.
Package Schema VARCHAR(128) Schema of the package in use at the time of the audit event.
Package Name VARCHAR(128) Name of package in use at the time the audit event occurred.
Package Section Number SMALLINT Section number in package being used at the time the audit event occurred.
Package Version VARCHAR(64) Version of the package in use at the time the audit event occurred.
Plug-in Name VARCHAR(32) The name of the plug-in in use at the time the audit event occurred.
Local Transaction ID VARCHAR(10) FOR BIT DATA The local transaction ID in use at the time the audit event occurred. This is the SQLU_TID structure that is part of the transaction logs.
Global Transaction ID VARCHAR(30) FOR BIT DATA The global transaction ID in use at the time the audit event occurred. This is the data field in the SQLP_GXID structure that is part of the transaction logs.
Client User ID VARCHAR(255) The value of the CURRENT CLIENT USERID special register at the time the audit event occurred.
Client Workstation Name VARCHAR(255) The value of the CURRENT CLIENT_WRKSTNNAME special register at the time the audit event occurred.
Client Application Name VARCHAR(255) The value of the CURRENT CLIENT_APPLNAME special register at the time the audit event occurred.
Client Accounting String VARCHAR(255) The value of the CURRENT CLIENT_ACCTNG special register at the time the audit event occurred.
Trusted Context Name VARCHAR(255) The name of the trusted context associated with the trusted connection.
Connection Trust Type CHAR(1)
Possible values are:

'' - NONE
'1' - IMPLICIT_TRUSTED_CONNECTION
'2' - EXPLICIT_TRUSTED_CONNECTION  
Role Inherited VARCHAR(128) The name of the role inherited through the trusted context.
Original User ID VARCHAR(1024) The value of the CLIENT_ORIGUSERID global variable at the time the audit event occurred.