AUDIT command with FILE subcommand

This section describes the AUDIT command with the FILE subcommand.

Usage

Use the FILE subcommand to format unreduced DB2® data and store it in sequential data sets suitable for use by the DB2 load utility. The records can be placed in DB2 tables, and you can produce reports by using a reporting facility such as Query Management Facility (QMF).

Usage notes

By using the FILE subcommand you can:
  • Process the different audit types separately by specifying one audit type for each FILE subcommand.
  • Process the different audit types simultaneously by specifying any number of the available audit types in each FILE subcommand.

    The FILE subcommand can occur a maximum of seven times in a job step.

Syntax of the FILE subcommand

Read syntax diagramSkip visual syntax diagram(7)FILEFROM/TO blockTYPE(ALLAUTHCHGAUTHCNTLAUTHFAILBINDDDLDMLUTILITY)DDNAME(AUFILDD*ddname)INCLUDE/EXCLUDE block

Subcommand options

The syntax diagram shows the options that are available with this subcommand. See Subcommand options for comprehensive descriptions of these options. The following list gives additional or specific descriptions of selected options, where appropriate.

FROM/TO
Limits the range of records included in the data set by date and time.

For details, see FROM/TO subcommand options.

TYPE
Selects the audit category. It identifies the type of data included in the data set. You can enter one or more of the following:
ALL
All audit categories are reported (the default)
AUTHCHG
Changes to authorization identifiers
AUTHCNTL
GRANTs and REVOKEs of privileges
AUTHFAIL
Authorization failure
BIND
DML statements at bind of auditable DB2 tables
DDL
DDL operations against auditable DB2 tables
DML
Read/write access against auditable DB2 tables
UTILITY
Utility access against auditable DB2 tables
DDNAME
Specifies the ddname where the file data set is written. The default ddname is AUFILDD1 for the first file data set, and AUFILDD2 to AUFILDD7 for the second to seventh file data sets.

You can specify a different ddname by using the DDNAME option in the FILE subcommand. In this case, your JCL must contain a valid DD statement for the ddname you specify. If you do not specify a different ddname, your JCL must contain a valid DD statement for the corresponding default ddname. For example, if you omit the DDNAME option from the third FILE subcommand in the job stream, your JCL must contain a valid DD statement for AUFILDD3.

INCLUDE/EXCLUDE
Includes or excludes data associated with specific OMEGAMON® for DB2 PE identifiers.

For details, see INCLUDE and EXCLUDE subcommand options, which lists other identifiers allowed with this command and subcommand combination, and OMEGAMON for Db2 PE identifiers.

Example using FILE with TYPE option

This command generates a data set in the default ddname AUFILDD1. The data set contains one or more records for each authorization failure: an AUTHFAIL record and any matching records containing the text of the SQL statement that caused the authorization failure.

 
FILE
   TYPE (AUTHFAIL)