Question & Answer
Question
How do you create a report that keeps track of changes to Exit Point Programs in the Registration Facility?
Cause
Answer
The Security Audit Journal can be used to track changes to Exit Point Programs. The following document creates a report of Addition, Deletion, and Replacement of Exit Point Programs in the Registration Facility.
The AUDIT_JOURNAL_GR table function returns rows from the audit journal that contain information from the GR (Generic Record) journal entries.
Authorization: No authorization needed.
Note: The AUDIT_JOURNAL_GR table function is available on IBM i 7.5 base, IBM i 7.4 at SF99704 Level 15 and IBM i 7.3 at SF99703 Level 26. For older releases, use Method 2.
Before you start, verify that the QAUDJRN journal exists and that you have *SECCFG or *SECURITY on your QAUDLVL system value.
Use the DSPSECAUD command and make sure the following settings are configured on your system:
Security journal QAUDJRN exists . . . . . : YES
Current QAUDCTL system value . . . . . . : *AUDLVL
Current QAUDLVL system value . . . . . . : *SECCFG
NOTE: The value *SECURITY also tracks the changes to Exit Point Programs.
If not there, use the CHGSECAUD command to add them to your system. Keep in mind that the auditing values need to be active on your system before the report can be generated.
To get a report of Exit Point Programs, follow the steps:
Method 1: Using the AUDIT_JOURNAL_GR table function.
1) Open the ACS Run SQL Scripts tool
2) Run the following SQL:
SELECT ENTRY_TIMESTAMP,
JOB_NAME,
JOB_USER,
JOB_NUMBER,
ENTRY_TYPE,
ENTRY_TYPE_DETAIL,
"ACTION",
EXIT_POINT_NAME,
EXIT_POINT_FORMAT,
EXIT_PROGRAM
FROM TABLE (
SYSTOOLS.AUDIT_JOURNAL_GR(STARTING_TIMESTAMP => CURRENT DATE - 7 DAYS)
)
where entry_type in ('A', 'D', 'R')
Note 1: Modify the number of days for the report.
Note 2: If Hexadecimal data is displayed on the report, you need to change the JDBC connection properties to translate the CCSID to 65535. On the Run SQL tool, select the Connection Menu > Connected > Edit JDBC Connection > Translation and click on Translate CCSID 65535. Save the connection and reconnect to run the SQL.
Method 2: Using the command CPYAUDJRNE.
1) Use the CPYAUDJRNE command to extract the data from the Audit Journal and create a file:
CPYAUDJRNE ENTTYP(GR) JRNRCV(*CURCHAIN) FROMTIME(082322 070000) TOTIME(082400 110000)
Note 1: Modify the date and time on the CPYAUDJRNE command.
Note 2: The command creates a file QAUDITGR in library QTEMP
2) Use the STRSQL to get to the SQL command line and run:
SELECT GRTSTP, GRJOB, GRUSER, GRNBR, GRTYPE, GRACTN,
GRFLD1 FROM QTEMP/QAUDITGR WHERE
GRTYPE = 'A' OR GRTYPE = 'D' OR GRTYPE = 'R'
More information on the AUDIT_JOURNAL_GR table function: AUDIT_JOURNAL_GR
[{"Type":"MASTER","Line of Business":{"code":"LOB57","label":"Power"},"Business Unit":{"code":"BU058","label":"IBM Infrastructure w\/TPS"},"Product":{"code":"SWG60","label":"IBM i"},"ARM Category":[{"code":"a8m0z0000000CHyAAM","label":"Security"}],"ARM Case Number":"TS010289608","Platform":[{"code":"PF012","label":"IBM i"}],"Version":"7.2.0;7.3.0;7.4.0;7.5.0"}]
Was this topic helpful?
Document Information
Modified date:
25 August 2022
UID
ibm16614729