You can create and activate an audit policy to audit how
a Db2 administrative authority
is used.
About this task
Suppose that you have the SECADM authority and are responsible
for making sure that all security policies, including audit policies,
work as designed. You want to audit the use of the SYSADM authority
by user SYSADMIN1.
Procedure
To audit the use of the SYSADM authority by SYSADMIN1:
- Create audit policy AUDITADMN1 by issuing the following
INSERT statement:
INSERT INTO SYSIBM.SYSAUDITPOLICIES(AUDITPOLICYNAME, SYSADMIN)
VALUES('AUDITADMN1','S');
Db2 checks
to make sure that you have the required privilege to issue the INSERT
statement. Upon successful verification, it inserts a row in SYSIBM.SYSAUDITPOLICIES
to include the new policy.
- Activate the audit policy by issuing the START
TRACE command:
-STA TRACE (AUDIT) DEST (GTF) AUDTPLCY(AUDITADMN1)
Db2 checks
to make sure that you have the required privilege to run the START
TRACE command. Upon successful verification, it starts an
IFCID 0361 trace record.
For example, if SYSADM1 issues the
ALTER BUFFERPOOL command to alter the attributes for active buffer
pools, Db2 records
the ALTER activity in the IFCID 0361 trace record.