IFCID 319 - Audit Security Record
This topic shows detailed information about Record Trace - IFCID 319 - Audit Security Record.
When a local DB2 receives a non-RACF identity that represents a user, it maps that name to a local user ID for use in connection processing. This record traces the mapping. This record provides an audit trail for security processing.
Record trace - IFCID 319 - Audit Security Record
The field labels shown in the following sample layout of Record Trace - IFCID 319 - Audit Security Record are described in the following section.
-------- -------- ----------- ----------------- ------ --- --- -------------- ------------------------------------------------------
'BLANK' DISCN-NC C8331B99653E 'BLANK' 'BLANK' 'BLANK'
'BLANK' 028.DBAA 'BLANK' 07:15:10.99044681 9 1 319 KERBEROS NETWORKID: G99D8419 LUNAME: G757 LUWSEQ: 1
'BLANK' 05 0.06594537 SECURITY REQUESTING LOCATION: ::FFFF:9.157.132
REQUESTING TIMESTAMP: N/P
AR NAME: KOZUS_AV PRDID: CLNT/SER V9 R7 M0
|-------------------------------------------------------------------------------------------------------------------------
|REQ COMMUNICATION ADDR: 'BLANK' COMMUNICATION ADDR TYPE: TCP/IP CLIENT PRODUCT ID : SQL09070
|DERIVED LOCAL USERID : kozs SECURITY TYPE : ENCRYPTED
|FLAGS: SECURITY MECHANISM : ENCRYPT UID PW
|- USER REGISTRY NAME: NO
|- AES IS USED: NO
|- SERVER ENCRYPT COMP: YES
|- SECURE CONNECTION: YES
|
|IPV6 ADDRESS : X'00000000000000000000FFFF099D8419'
|PRINCIPAL NAME LENGTH : 0
|PRINCIPAL NAME : N/P
|PORT-INTERNAL FORMAT : X'0757'
|-------------------------------------------------------------------------------------------------------------------------
- REQ COMMUNICATION ADDR
-
Requesting communication address. For SNA, this field shows the LU name; for TCP/IP, it shows the dotted decimal IP address.
Field Name: QW0319AD
- COMMUNICATION ADDR TYPE
-
Type of communication address: SNA or TCP/IP.
Field Name: QW0319CT
- CLIENT PRODUCT ID
-
The identification of the client product.
Field Name: QW0319CP
- DERIVED LOCAL USERID
-
Local user ID mapped by DB2.
Field Name: QW0319US
- SECURITY TYPE
-
The type of security identity. Possible values are:
- KERBEROS
- ENCRYPTED
Field Name: QW0319TY
- SECURITY MECHANISM
-
The security mechanism used. Possible values are:
- User ID (UID) and encrypted password (PW)
- Encrypted UID and PW
- Encrypted UID, PW, and new PW
- Encrypted UID and data
- Encrypted UID, PW, and data
- Encrypted UID, PW, new PW, and data
- Encrypted UID only
Field Name: QW0319SM
- FLAGS - USER REGISTRY NAME
-
This flag shows if the caller passed the user registry name.
Field Name: QW0319UR
- FLAGS - AES IS USED
-
This flag shows if Advanced Encryption Standard (AES) is used for encryption.
Field Name: QW0319AE
- FLAGS - SERVER ENCRYPT COMP
- This flag shows whether the remote connection is compatible with the Db2 system parameter TCPALVER=SERVER_ENCRYPT.
Field Name: QW0319SC
- FLAGS - SECURE CONNECTION
- This flag shows whether the remote connection was secure.
Field Name: QW0319SE
- IPV6 ADDRESS
-
If the type of the communication address is TCP/IP, this field shows the IP address as 16 hexadecimal bytes (HLHLHLHLHLHLHLHLHLHLHLHLHLHLHLHL) in the internal 128-bit format, where:
- H represents the high order half byte value
- L represents the low order half byte value
Field Name: QW0319IPA
- PRINCIPAL NAME LENGTH
-
Length of principal name.
Field Name: QW0319L1
- PRINCIPAL NAME
-
The requesting principal name. This can be up to 256 characters and can contain lowercase characters.
Field Name: QW0319D1
- PORT-INTERNAL FORMAT
-
If the type of the communication address is TCP/IP, this field shows the 16-bit port number in internal format.
Field Name: QW0319PRT
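The following added example, which is not part of the original topic and is not IBM-supplied code, parses the boxed block of the sample layout and decodes IPV6 ADDRESS and PORT-INTERNAL FORMAT into a readable client endpoint for audit review. The function names, the big-endian byte order of the port, and the rule that the three encryption-related flags should read YES are assumptions of this example.

```python
import ipaddress
import re

# Constructed input: the boxed block of the sample layout above, as report text.
SAMPLE = """\
|REQ COMMUNICATION ADDR: 'BLANK' COMMUNICATION ADDR TYPE: TCP/IP CLIENT PRODUCT ID : SQL09070
|DERIVED LOCAL USERID : kozs SECURITY TYPE : ENCRYPTED
|FLAGS: SECURITY MECHANISM : ENCRYPT UID PW
|- USER REGISTRY NAME: NO
|- AES IS USED: NO
|- SERVER ENCRYPT COMP: YES
|- SECURE CONNECTION: YES
|IPV6 ADDRESS : X'00000000000000000000FFFF099D8419'
|PRINCIPAL NAME LENGTH : 0
|PRINCIPAL NAME : N/P
|PORT-INTERNAL FORMAT : X'0757'
"""

LABELS = ("REQ COMMUNICATION ADDR;COMMUNICATION ADDR TYPE;CLIENT PRODUCT ID;"
          "DERIVED LOCAL USERID;SECURITY TYPE;SECURITY MECHANISM;USER REGISTRY NAME;"
          "AES IS USED;SERVER ENCRYPT COMP;SECURE CONNECTION;IPV6 ADDRESS;"
          "PRINCIPAL NAME LENGTH;PRINCIPAL NAME;PORT-INTERNAL FORMAT").split(";")
# Longest label first so PRINCIPAL NAME LENGTH wins over PRINCIPAL NAME.
LABEL_RE = re.compile("(%s)\\s*:" % "|".join(
    re.escape(label) for label in sorted(LABELS, key=len, reverse=True)))

def parse_record(text):
    """Split each report line into label/value pairs (several pairs may share a line)."""
    rec = {}
    for line in text.splitlines():
        hits = list(LABEL_RE.finditer(line))
        for i, m in enumerate(hits):
            end = hits[i + 1].start() if i + 1 < len(hits) else len(line)
            rec[m.group(1)] = line[m.end():end].strip()
    return rec

def hex_bytes(value):
    return bytes.fromhex(value[2:-1])  # strip the X'...' wrapper

def peer_endpoint(rec):
    """Decode QW0319IPA / QW0319PRT; big-endian port order is an assumption."""
    addr = ipaddress.IPv6Address(hex_bytes(rec["IPV6 ADDRESS"]))
    host = addr.ipv4_mapped or addr  # ::FFFF:a.b.c.d means an IPv4 client
    return str(host), int.from_bytes(hex_bytes(rec["PORT-INTERNAL FORMAT"]), "big")

def review(rec):
    """Report flags that this example's assumed audit policy expects to be YES."""
    wanted = ("AES IS USED", "SERVER ENCRYPT COMP", "SECURE CONNECTION")
    return [f"{k} = {rec[k]}" for k in wanted if rec.get(k) != "YES"]
```

For the sample layout, `peer_endpoint(parse_record(SAMPLE))` gives the client as 9.157.132.25, port 1879, and `review` reports only AES IS USED = NO.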