IBM Support

Audit journal entry services

News


Abstract

This group of table functions provides detailed information for audit journal entries.

Content

You are in: IBM i Technology Updates > Db2 for i - Technology Updates > IBM i Services (SQL) > Audit journal entry services
For complete detail, visit this IBM Documentation page: Audit journal entry services
To confirm that security is setup to generate the audit journal entries, use QSYS2.SECURITY_INFO.
select count(*) as "AF_and_PW_enabled?"
  from qsys2.security_info
  where (auditing_control like '%*AUDLVL%') and
        ((auditing_level like '%*AUTFAIL%') or
         (auditing_level like '%*AUDLVL2%' and
          auditing_level_extension like '%*AUTFAIL%'));
select count(*) as "CA_and_OW_enabled?"
  from qsys2.security_info
  where (auditing_control like '%*AUDLVL%') and
        ((auditing_level like '%*SECURITY%') or (auditing_level like '%*SECRUN%') or
         (auditing_level like '%*AUDLVL2%' and
           (auditing_level_extension like '%*SECURITY%') or (auditing_level_extension like '%*SECRUN%')));
Example usage:
--
-- Review a summary of the password failures, which occurred in the last 24 hours  
--
select  VIOLATION_TYPE_DETAIL, AUDIT_USER_NAME, count(*) as pw_failures
  from table (
      SYSTOOLS.AUDIT_JOURNAL_PW(STARTING_TIMESTAMP => current timestamp - 24 hours)
    ) pw
    group by VIOLATION_TYPE_DETAIL, AUDIT_USER_NAME
    order by 3 desc;

Enhanced with IBM i 7.5 SF99950 Level 7 & IBM i 7.4 SF99704 Level 28:

  • Performance improved for the AU, AX, CP, EV, GR, OM, and ZC audit journal entry services
  • Add more helper functions for NA and PS audit journal entry types

Enhanced with IBM i 7.5 SF99950 Level 5 & IBM i 7.4 SF99704 Level 26:

  • Add more helper functions for AU and LD audit journal entry types

Enhanced with IBM i 7.5 SF99950 Level 4 & IBM i 7.4 SF99704 Level 25:

  • Add more helper functions for AP, AX, OR, PA, PF, PU, RA, RO, and RZ audit journal entry types

Enhanced with IBM i 7.5 SF99950 Level 2 and IBM i 7.4 SF99704 Level 23:

  • Add more helper functions for AD, DS, IM, PG, SK, SM, ZC, and ZR audit journal entry types

Enhanced with IBM i 7.5 SF99950 Level 1, IBM i 7.4 SF99704 Level 20, and IBM i 7.3 SF99703 Level 28:

  • Add more helper functions for JS, ST, and OM audit journal entry types

Enhanced with IBM i 7.4 SF99704 Level 15 and IBM i 7.3 SF99703 Level 26:

  • Add more helper functions for CD, CO, CP, DO, EV, GR, and SV audit journal entry types
  • In IBM i 7.4, add helper functions for IBM Db2 Mirror for i, M0, M6, M7, M8, and M9 audit journal entry types
Enhanced with IBM i 7.4 SF99704 Level 13 and IBM i 7.3 SF99703 Level 24:
  • Add the first set of helper functions for AF, CA, OW, and PW audit journal entry types

[{"Business Unit":{"code":"BU070","label":"IBM Infrastructure"},"Product":{"code":"SWG60","label":"IBM i"},"Component":"","Platform":[{"code":"PF012","label":"IBM i"}],"Version":"All Versions","Edition":"","Line of Business":{"code":"LOB68","label":"Power HW"}}]

Document Information

Modified date:
23 April 2024

UID

ibm16442047