Using CHGSECAUD to set up security auditing
Using the CHGSECAUD command, you can activate system security auditing
for actions by ensuring that the security journal exists, setting the QAUDCTL
system value to *AUDLVL, and setting the QAUDLVL system value to the default
set of values. The default set includes *AUTFAIL, *CREATE, *DELETE, *SECURITY,
and *SAVRST action audits.
CHGSECAUD QAUDCTL(*AUDLVL) QAUDLVL(*DFTSET)Overview:
- Purpose:
- Set up the system to collect security events in the QAUDJRN journal.
- How To:
- CHGSECAUD
DSPSECAUD
- Authority:
- The user must have *ALLOBJ and *AUDIT special authority.
- Journal Entry:
- CO (create object)
SV (system value change)
AD (object and user audit changes) - Note:
- The CHGSECAUD command creates the journal and journal receiver if it does not exist. The CHGSECAUD then sets the QAUDCTL, QAUDLVL, and QAUDLVL2 system values.