When a user attempts to access our server via SQL, this program extracts the information and deposits an entry like this into the system audit journal:
Object . . . . . . . : Library . . . . . . :
Member . . . . . . . :
Incomplete data . . : No Minimized entry data : *NONE
Sequence . . . . . . : 4547878677
Code . . . . . . . . : U - User generated entry
Type . . . . . . . . : NA -
Entry specific data
00001 'OB172.017.000.242TOCISIN *SQL INIT DBS'
00051 'ERVER LNS081100011200014TOCISIN *SQL'
The IP address 172.017.000.242 and the User ID TOCISIN is now available to us for reporting purposes.
Developing Exit Point Programs can be a very complicated process. In our case we purchased and installed a product that provides Exit Point Programs for all of the available Exit Points that IBM has defined for the iSeries. This package also includes reporting functionality so we can easily determine who is accessing what on our system.
You can also define rules within this application to decide who can and who cannot access the system. If you want to keep track of who is accessing your iSeries system from the network, you will want to take a look at some of these Exit Point monitoring products. A Google search of "iSeries Network Security" will list several options, including how to write your own Exit Point Programs…
This was first published in September 2008