Audit Security Record (IFCID 319)

This topic provides a sample and the field description of the Authorization Change for different security types (IFCID 319).

Audit Security Record (IFCID 319) - Authorization Change

This sample shows the layout for an authorization change for different security types (IFCID 319):


TYPE:               KERBEROS                         COMMS ADDR TYPE:   TCP/IP  
IP ADDR:            000102030405060718191A1B1C1D1E1F PORT:              1234    
DERIVED LOCAL UID:  DERLOCID                         CLIENT PRODUCT ID: CLPRODID
PRINCIPAL NAME:     THIS IS AN EXAMPLE OF A VERY LONG REQUESTING KERBEROS NAME 
                    THAT EXCEEDS THE OUTPUT LINE 

TYPE:               KERBEROS                         COMMS ADDR TYPE:   SNA        
LU NAME:            LUN>=V9                                                        
DERIVED LOCAL UID:  DERLOCID                         CLIENT PRODUCT ID: CLPRODID   
PRINCIPAL NAME:     THIS IS AN EXAMPLE OF A VERY LONG REQUESTING KERBEROS NAME 
                    THAT EXCEEDS THE OUTPUT LINE 

TYPE:               ENCRYPTED                        COMMS ADDR TYPE:   TCP/IP  
IP ADDR:            000102030405060718191A1B1C1D1E1F PORT:              1234    
DERIVED LOCAL UID:  DERLOCID                         CLIENT PRODUCT ID: CLPRODID
SECURITY MECHANISM: UID Encrypt PW.
PROFILE ACTION    : WARNING                                                                                                 
                                                                                

TYPE:               ENCRYPTED                        COMMS ADDR TYPE:   SNA           
LU NAME:            LUN>=V9                                                           
DERIVED LOCAL UID:  DERLOCID                         CLIENT PRODUCT ID: CLPRODID      
SECURITY MECHANISM: UID Encrypt PW.                                 

TYPE:               NON ENCRYPTED                    COMMS ADDR TYPE:   TCP/IP           
IP ADDR:            000102030405060718191A1B1C1D1E1F PORT:              1234         
DERIVED LOCAL UID:  DERLOCID                         CLIENT PRODUCT ID: CLPRODID      
SECURITY MECHANISM: UID PW.   
PROFILE ACTION    : WARNING                                                    
PROFILE ID        : 23
                              
TYPE:               PASS TICKET                      COMMS ADDR TYPE:   TCP/IP           
IP ADDR:            000102030405060718191A1B1C1D1E1F PORT:              1234         
DERIVED LOCAL UID:  DERLOCID                         CLIENT PRODUCT ID: CLPRODID      
SECURITY MECHANISM: UID PW.   
PROFILE ACTION    : EXCEPTION                                                     
PROFILE ID        : 23

Field description

The fields are described in the following:

TYPE
The type of security identity:
  • KERBEROS
  • ENCRYPTED
  • CERTIFICATE
  • NON ENCRYPTED
  • PASS TICKET

Derivation: Db2 field QW0319TY

COMMS ADDR TYPE
Type of communication address: SNA or TCP/IP.

Derivation: Db2 field QW0319CT

IP ADDR
If the type of the communication address is TCP/IP, it is the 16 byte hexadecimal (HLHLHLHLHLHLHLHLHLHLHLHLHLHLHLHL) IP address of the internal 128 bit format, where:
  • H represents the high order half byte value
  • L represents the low order half byte value

Derivation: Db2 field QW0319IPA

PORT
The internal port format in case of communication address type TCP/IP.

Derivation: Db2 field QW0319PRT

DERIVED LOCAL UID
Local user ID mapped by Db2.

Derivation: Db2 field QW0319US

CLIENT PRODUCT ID
The identification of the client product.

Derivation: Db2 field QW0319CP

PRINCIPAL NAME
The requesting principal name. This can be up to 256 characters and can contain lowercase characters.

Derivation: Db2 field QW0319D1

LU NAME
If the type of the communication address is SNA, it is the 8 byte logical unit name.

Derivation: Db2 field QW0319LUN

SECURITY MECHANISM
The security mechanism. Possible values are:
  • UID PW
  • UID PW NewPW
  • UID ONLY
  • UID Encrypt PW
  • Encrypt UID PW
  • Encrypt UID PW NewPW
  • Encrypt UID Data
  • Encrypt UID PW Data
  • Encrypt UID PW NewPW
  • Data Encrypt UID only

Derivation: Db2 field QW0319SM

PROFILE ACTION
The profile action that is taken if this record is due to MONITOR CONNECTIONS FOR SECURITY. Possible values are:
  • W=Warning
  • E=Exception

Derivation: Db2 field QW0319PA

PROFILE ID
The profile ID of the associated warning or exception (QW0319PA).

Derivation: Db2 field QW0319PI