Auditing the use of an administrative authority

You can create and activate an audit policy to audit how a Db2 administrative authority is used.

About this task

Suppose that you have the SECADM authority and are responsible for making sure that all security policies, including audit policies, work as designed. You want to audit the use of the SYSADM authority by user SYSADMIN1.

Procedure

To audit the use of the SYSADM authority by SYSADMIN1:

  1. Create audit policy AUDITADMN1 by issuing the following INSERT statement:

    Begin general-use programming interface information.

    INSERT INTO SYSIBM.SYSAUDITPOLICIES(AUDITPOLICYNAME, SYSADMIN)
		VALUES('AUDITADMN1','S');
    End general-use programming interface information.

    Db2 checks to make sure that you have the required privilege to issue the INSERT statement. Upon successful verification, it inserts a row in SYSIBM.SYSAUDITPOLICIES to include the new policy.

  2. Activate the audit policy by issuing the START TRACE command:

    Begin general-use programming interface information.

    -STA TRACE (AUDIT) DEST (GTF) AUDTPLCY(AUDITADMN1)
    End general-use programming interface information.

    Begin program-specific programming interface information.Db2 checks to make sure that you have the required privilege to run the START TRACE command. Upon successful verification, it starts an IFCID 0361 trace record.

    For example, if SYSADM1 issues the ALTER BUFFERPOOL command to alter the attributes for active buffer pools, Db2 records the ALTER activity in the IFCID 0361 trace record.End program-specific programming interface information.