AUDIT command with REPORT subcommand

Usage

Use the REPORT subcommand to generate reports from records.

Usage notes

• Up to five REPORT subcommands can be specified within each AUDIT command.

Syntax of the REPORT subcommand

Subcommand options

The syntax diagram shows the options that are available with this subcommand. See Subcommand options for comprehensive descriptions of these options. The following list gives additional or specific descriptions of selected options, where appropriate.

FROM/TO

Limits the range of records included in the reporting process by date and time.

For details, see FROM/TO subcommand options.

SCOPE

Specifies the scope of the report in a data sharing environment.

MEMBER

GROUP

LEVEL

Specifies the level of the report. You can enter either of the following:

SUMMARY

Produces reports of aggregated audit data.

DETAIL

Produces reports of non-aggregated audit data in timestamp sequence within the requested TYPE and ORDER. Events within reports are sorted by timestamp within OMEGAMON® for DB2® PE identifiers.

Note: There is a dependency between the two commands AUDIT REPORT LEVEL(SUMMARY) and AUDIT REPORT LEVEL(DETAIL). If you request a SUMMARY report and a DETAIL report for the same audit TYPE, then first specify the DETAIL report and then the SUMMARY report in order to receive meaningful data in the SUMMARY report. If you request a SUMMARY report without a DETAIL report, then there is no dependency and the SUMMARY report delivers valuable results.

TYPE

Specifies the type of audit data to be reported. You can enter one or more of the following:

ALL

All audit categories are reported (the default)

AUTHCHG

Changes to authorization identifiers

AUTHCNTL

GRANTs and REVOKEs of privileges

AUTHFAIL

Authorization failure

BIND

DML statements at bind of auditable DB2 tables

DDL

DDL operations against auditable DB2 tables

DML

Read/write access against auditable DB2 tables

UTILITY

Utility access against auditable DB2 tables

Note:

1. If you select audit types in REPORT that were not specified in the TYPE option of REDUCE, blank reports are generated for those audit types.
2. If TYPE is specified with LEVEL(SUMMARY), a report of aggregated audit data is produced for each type requested.
3. If TYPE is not specified with LEVEL(SUMMARY), one report showing aggregated totals for all audit types is produced.
4. If TYPE is specified with LEVEL(DETAIL), one report showing nonaggregated audit data of all the requested types is produced.
5. If TYPE is not specified with LEVEL(DETAIL), a report showing nonaggregated audit data of all types is produced.

DDNAME

Specifies the data set where the report is written.

ORDER

Specifies the OMEGAMON for DB2 PE identifiers and their sequence for sorting the report and, in summary reports, which identifiers are used for aggregation.

For details, see ORDER subcommand option and OMEGAMON for Db2 PE identifiers.

The default for ORDER varies with the LEVEL and TYPE specified.

The definition of an object depends on the LEVEL and TYPE specified.

INCLUDE/EXCLUDE

Includes or excludes data associated with specific OMEGAMON for DB2 PE identifiers.

For details, see INCLUDE and EXCLUDE subcommand options, which lists other identifiers allowed with this command and subcommand combination, and OMEGAMON for Db2 PE identifiers.