IBM Support

Audit journal entry services

News


Abstract

This group of table functions provides detailed information for audit journal entries.

Content

You are in: IBM i Technology Updates > Db2 for i - Technology Updates > IBM i Services (SQL) > Audit journal entry services
For complete detail, visit this IBM Documentation page: Audit journal entry services
To confirm that security is setup to generate the audit journal entries, use QSYS2.SECURITY_INFO.
select count(*) as "AF_and_PW_enabled?"
  from qsys2.security_info
  where (auditing_control like '%*AUDLVL%') and
        ((auditing_level like '%*AUTFAIL%') or
         (auditing_level like '%*AUDLVL2%' and
          auditing_level_extension like '%*AUTFAIL%'));
select count(*) as "CA_and_OW_enabled?"
  from qsys2.security_info
  where (auditing_control like '%*AUDLVL%') and
        ((auditing_level like '%*SECURITY%') or (auditing_level like '%*SECRUN%') or
         (auditing_level like '%*AUDLVL2%' and
           (auditing_level_extension like '%*SECURITY%') or (auditing_level_extension like '%*SECRUN%')));
Example usage:
--
-- Review a summary of the password failures, which occurred in the last 24 hours  
--
select  VIOLATION_TYPE_DETAIL, AUDIT_USER_NAME, count(*) as pw_failures
  from table (
      SYSTOOLS.AUDIT_JOURNAL_PW(STARTING_TIMESTAMP => current timestamp - 24 hours)
    ) pw
    group by VIOLATION_TYPE_DETAIL, AUDIT_USER_NAME
    order by 3 desc;

Enhanced with IBM i 7.4 SF99704 Level 15 and IBM i 7.3 SF99703 Level 26:

  • Add more helper functions for CD, CO, CP, DO, EV, GR, and SV audit journal entry types
  • In IBM i 7.4, add helper functions for IBM Db2 Mirror for i, M0, M6, M7, M8, and M9 audit journal entry types
Enhanced with IBM i 7.4 SF99704 Level 13 and IBM i 7.3 SF99703 Level 24:
  • Add the first set of helper functions for AF, CA, OW, and PW audit journal entry types

[{"Business Unit":{"code":"BU054","label":"Systems w\/TPS"},"Product":{"code":"SWG60","label":"IBM i"},"Component":"","Platform":[{"code":"PF012","label":"IBM i"}],"Version":"All Versions","Edition":"","Line of Business":{"code":"LOB08","label":"Cognitive Systems"}}]

Document Information

Modified date:
07 September 2021

UID

ibm16442047