IFCID 319 - Audit Security Record
This topic shows detailed information about Record Trace - IFCID 319 - Audit Security Record.
When a local Db2 receives a non-RACF identity that represents a user, it maps that name to a local user ID for use in connection processing. This record traces the mapping. This record provides an audit trail for security processing.
Record Trace - IFCID 319 - Audit Security Record
The field labels shown in the following sample layout of Record Trace - IFCID 319 - Audit Security Record are described in the following section.
-------- -------- ----------- ----------------- ------ --- --- -------------- ------------------------------------------------------
SYSOPR DISCN-NC DEAF1EEDFDC3 N/P N/P N/P
'BLANK' 028.DBAA 'BLANK' 10:18:32.90552338 8 1 319 KERBEROS NETWORKID: GA0F3C8F LUNAME: D3C5 LUWSEQ: 1
'BLANK' 05 0.01577121 SECURITY REQUESTING LOCATION: ::FFFF:10.15.60.143
REQUESTING TIMESTAMP: N/P
AR NAME: KOZUS_AV PRDID: JCC V4 R26 M0
|-------------------------------------------------------------------------------------------------------------------------
|REQ COMMUNICATION ADDR: 'BLANK' COMMUNICATION ADDR TYPE: TCP/IP CLIENT PRODUCT ID : JCC04260
|DERIVED LOCAL USERID : 'BLANK' SECURITY TYPE : NON ENCRYPTED PROFILE ACTION : EXCEPTION
|FLAGS: SECURITY MECHANISM : ENCRYPT UID PW PROFILE ID : 23
|- USER REGISTRY NAME: NO
|- AES IS USED: NO
|- SERVER ENCRYPT COMP: NO
|- SECURE CONNECTION: NO
|
|IPV6 ADDRESS : X'00000000000000000000FFFF0A0F3C8F'
|PRINCIPAL NAME LENGTH : 0
|PRINCIPAL NAME : N/P
|PORT-INTERNAL FORMAT : X'D3C5'
|-------------------------------------------------------------------------------------------------------------------------
- REQ COMMUNICATION ADDR
Requesting communication address. For SNA, this field shows the LU name; for TCP/IP, it shows the dotted decimal IP address.
Field Name: QW0319AD
- COMMUNICATION ADDR TYPE
Type of communication address: SNA or TCP/IP.
Field Name: QW0319CT
- CLIENT PRODUCT ID
The identification of the client product.
Field Name: QW0319CP
- DERIVED LOCAL USERID
Local user ID mapped by Db2.
Field Name: QW0319US
- SECURITY TYPE
The type of security identity. Possible values are:
  - KERBEROS
  - ENCRYPTED
  - CERTIFICATE
  - NON ENCRYPTED
  - PASS TICKET
  - AUTHENTICATION TOKEN
Field Name: QW0319TY
- PROFILE ACTION
Profile action taken if this record is due to MONITOR CONNECTIONS FOR SECURITY:
  - W=Warning
  - E=Exception
Field Name: QW0319PA
- SECURITY MECHANISM
The security mechanism used. Possible values are:
  - User ID (UID) and password (PW)
  - User ID, password and new password
  - User ID only
  - User ID and encrypted password
  - Encrypted UID and PW
  - Encrypted UID, PW, and new PW
  - Encrypted UID and data
  - Encrypted UID, PW, and data
  - Encrypted UID, PW, new PW, and data
  - Encrypted UID only
  - Authentication token security
Field Name: QW0319SM
- PROFILE ID
The profile ID for the associated warning or exception (QW0319PA).
Field Name: QW0319PI
- FLAGS - USER REGISTRY NAME
This flag shows if the caller passed the user registry name.
Field Name: QW0319UR
- FLAGS - AES IS USED
This flag shows if Advanced Encryption Standard (AES) is used for encryption.
Field Name: QW0319AE
- FLAGS - SERVER ENCRYPT COMP
This flag shows whether the remote connection is compatible with the Db2 system parameter TCPALVER=SERVER_ENCRYPT.
Field Name: QW0319SC
- FLAGS - SECURE CONNECTION
This flag shows whether the remote connection was secure.
Field Name: QW0319SE
- IPV6 ADDRESS
If the type of the communication address is TCP/IP, this field shows the IP address in its internal 128-bit format as a 16-byte hexadecimal value (HLHLHLHLHLHLHLHLHLHLHLHLHLHLHLHL), where:
  - H represents the high order half byte value
  - L represents the low order half byte value
Field Name: QW0319IPA
- PRINCIPAL NAME LENGTH
Length of principal name.
Field Name: QW0319L1
- PRINCIPAL NAME
The requesting principal name. This can be up to 256 characters and can contain lowercase characters.
Field Name: QW0319D1
- PORT-INTERNAL FORMAT
If the type of the communication address is TCP/IP, this field shows the 16-bit port number in internal format.
Field Name: QW0319PRT
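
The following Python sketch is an added example, not part of the original documentation or of any IBM tooling. It parses the detail block of the sample layout above by the field labels described here, decodes IPV6 ADDRESS and PORT-INTERNAL FORMAT into a printable peer address and port, and lists the flag values an auditor would follow up on. The function names, the big-endian reading of the port, and the choice of review items are assumptions of this example.

```python
import ipaddress
import re

# Labels of the IFCID 319 detail block as listed on this page.
LABELS = ["REQ COMMUNICATION ADDR", "COMMUNICATION ADDR TYPE", "CLIENT PRODUCT ID",
          "DERIVED LOCAL USERID", "SECURITY TYPE", "PROFILE ACTION",
          "SECURITY MECHANISM", "PROFILE ID", "USER REGISTRY NAME", "AES IS USED",
          "SERVER ENCRYPT COMP", "SECURE CONNECTION", "IPV6 ADDRESS",
          "PRINCIPAL NAME LENGTH", "PRINCIPAL NAME", "PORT-INTERNAL FORMAT"]
LABEL_RE = re.compile("(" + "|".join(map(re.escape, LABELS)) + r")\s*:")

# Detail block copied from the sample layout on this page (spacing as extracted).
SAMPLE = """\
|REQ COMMUNICATION ADDR: 'BLANK' COMMUNICATION ADDR TYPE: TCP/IP CLIENT PRODUCT ID : JCC04260
|DERIVED LOCAL USERID : 'BLANK' SECURITY TYPE : NON ENCRYPTED PROFILE ACTION : EXCEPTION
|FLAGS: SECURITY MECHANISM : ENCRYPT UID PW PROFILE ID : 23
|- USER REGISTRY NAME: NO
|- AES IS USED: NO
|- SERVER ENCRYPT COMP: NO
|- SECURE CONNECTION: NO
|IPV6 ADDRESS : X'00000000000000000000FFFF0A0F3C8F'
|PRINCIPAL NAME LENGTH : 0
|PRINCIPAL NAME : N/P
|PORT-INTERNAL FORMAT : X'D3C5'
"""

def parse_detail(block):
    """Return {label: value}; a value runs up to the next known label on the line."""
    fields = {}
    for line in block.splitlines():
        hits = list(LABEL_RE.finditer(line))
        for cur, nxt in zip(hits, hits[1:] + [None]):
            end = nxt.start() if nxt else len(line)
            fields[cur.group(1)] = line[cur.end():end].strip()
    return fields

def decode_peer(fields):
    """Decode IPV6 ADDRESS and PORT-INTERNAL FORMAT (port assumed big-endian)."""
    addr = ipaddress.IPv6Address(bytes.fromhex(fields["IPV6 ADDRESS"].strip("X'")))
    port = int(fields["PORT-INTERNAL FORMAT"].strip("X'"), 16)
    # Show IPv4-mapped addresses (::FFFF:a.b.c.d) in dotted decimal form.
    return str(addr.ipv4_mapped or addr), port

def findings(fields):
    """Field values this example treats as review items (assumed policy)."""
    weak = {"SECURE CONNECTION": "NO", "AES IS USED": "NO",
            "SERVER ENCRYPT COMP": "NO", "SECURITY TYPE": "NON ENCRYPTED"}
    return [f"{k}={v}" for k, v in weak.items() if fields.get(k) == v]
```

For the sample record, `decode_peer` yields 10.15.60.143 and port 54213, which agrees with the REQUESTING LOCATION value ::FFFF:10.15.60.143 in the record header.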