How to check all data access as query to DB in the ISIM

Content

• db2 reset monitor for db <database name>
• then run the activity and run the following on db2 server
• db2 "get snapshot for all on <database>" > snap.out

Go to the Manage activities and attempt to approve as Actvity in this case. I see the SELECT cmd below, and show the data, and usually, the ERUID was sorted, and see which tables are accessed, and pull all data from.

To understand which tables are access

Statement text in the snap.out below.

SELECT isimuser.audit_mgmt_activity.ROOT_WORKFLOW_PROCESS_ID,isimuser.audit_mgmt_activity.WORKFLOW_PROCESS_ID,isimuser.audit_mgmt_activity.ID,isimuser.audit_mgmt_activity.WORKITEM_ID,isimuser.audit_mgmt_activity.TYPE,isimuser.audit_mgmt_activity.NAME,isimuser.audit_mgmt_activity.PERSON_NAME,isimuser.audit_mgmt_activity.PERSON_DN,isimuser.audit_mgmt_activity.SERVICE_NAME,isimuser.audit_mgmt_activity.SERVICE_DESCRIPTION,isimuser.audit_mgmt_activity.SERVICE_DN,isimuser.audit_mgmt_activity.ACCOUNT_USERID,isimuser.audit_mgmt_activity.ACCOUNT_DN,isimuser.audit_mgmt_activity.ACCESS_CATALOG_ID,isimuser.audit_mgmt_activity.ACCESS_CATALOG_NAME,isimuser.audit_mgmt_activity.ACCESS_CATALOG_DESCRIPTION,isimuser.audit_mgmt_activity.ACCESS_CATALOG_CATEGORY,isimuser.audit_mgmt_activity.ACCESS_CATALOG_ICON,isimuser.audit_mgmt_activity.ACCESS_CATALOG_BADGE_1,isimuser.audit_mgmt_activity.ACCESS_CATALOG_BADGE_2,isimuser.audit_mgmt_activity.ACCESS_CATALOG_BADGE_3,isimuser.audit_mgmt_activity.ACCESS_CATALOG_BADGE_4,isimuser.audit_mgmt_activity.ACCESS_CATALOG_BADGE_5,isimuser.audit_mgmt_activity.CREATED_DATE,isimuser.audit_mgmt_activity.DUE_DATE,isimuser.audit_mgmt_activity.ESCALATED_DATE,isimuser.audit_mgmt_activity.COMPLETED_DATE,isimuser.audit_mgmt_activity.COMPLETION_CODES,isimuser.audit_mgmt_activity.COMPLETION_CODE,isimuser.audit_mgmt_activity.STATUS,isimuser.audit_mgmt_activity.DESCRIPTION,isimuser.audit_mgmt_activity.JUSTIFICATION,isimuser.audit_mgmt_activity.COMMENTS,isimuser.audit_event.INITIATOR_NAME,isimuser.audit_event.INITIATOR_DN,isimuser.audit_event.INITIATOR_PERSON_NAME,isimuser.audit_event.INITIATOR_PERSON_DN,isimuser.audit_event.INITIATOR_TYPE,isimuser.audit_event.TIMESTAMP FROM isimuser.audit_mgmt_activity INNER JOIN isimuser.audit_mgmt_participant ON isimuser.audit_mgmt_activity.ID=isimuser.audit_mgmt_participant.ACTIVITY_ID LEFT OUTER JOIN isimuser.audit_event ON isimuser.audit_mgmt_activity.ROOT_WORKFLOW_PROCESS_ID=isimuser.audit_event.WORKFLOW_PROCESS_ID WHERE ((UPPER(isimuser.audit_mgmt_participant.ACCOUNT_DN)='ERUID=<erudi>,OU=SYSTEMUSER,OU=ITIM,OU=GENTING,DC=COM') AND (1=1)) ORDER BY DUE_DATE ASC

All above those tables

the value is in "ISIMUSER"."AUDIT_EVENT"
"ISIMUSER"."AUDIT_MGMT_ACCESS_REQUEST"  
"ISIMUSER"."AUDIT_MGMT_MESSAGE"
"ISIMUSER"."AUDIT_MGMT_ACTIVITY"