
	Home > Ask the AS/400 Experts > iSeries Systems Management Questions & Answers > Detecting system changes made by outside IP address

Ask The iSeries 400 Expert: Questions & Answers

EMAIL THIS

Detecting system changes made by outside IP address

EXPERT RESPONSE FROM: Ken Graap

		Pose a Question

		Other iSeries 400 Categories

		Meet all iSeries 400 Experts
		Become an Expert for this site

iSeries news and advice

Digg This! StumbleUpon Del.icio.us

QUESTION POSED ON: 18 July 2008
How can I get the User and IP of someone who is making changes to a file in the AS400 with an external program? For example, using the iSeries Navigator to make an SQL change to a table? I want to know how to obtain the user that logged in and their IP. I have a trigger to the table and I want to save a log for all those changes.

Digg This!

StumbleUpon

Del.icio.us

RELATED CONTENT

	iSeries Systems Management
	Transfer files from one environment to another without closing all other AS/400 sessions
	Send a *LMSG successfully on AS/400 using the SNDDST command
	Extend storage capacity on an IBM i without negatively effecting system performance
	Configure the iSeries v5r4 to open the HTTPS port for incoming connections
	Changing system CCSID
	Changing user password expiration
	HIPER PTF installation and cover letters for SF99097
	Library QUSRSYS not completely installed
	SQL statement history storage
	Setting up an automatic reply in the system reply list

iSeries system performance and monitoring

Translating Linux for IBM i admins: Working with jobs and networking

Database performance comparisons on IBM i

How to: Monitoring job activity on the AS/400

Performance tuning for IBM i: The basics and beyond

How to: Reduce the percentage of ASP used on the AS/400

AS/400 system values quiz

Checking on System i disk space requires creating a new command: XRTVSYSSTS

Drive space management commands

Viewing netstat information

IBM System i APIs at Work, Second Edition -- Chapter 10

Security Tools

Tracking remote access users on System i

User being locked out by Windows share on iSeries

Controlling remote access on your IBM i

Checking in on your IBM i authorization lists

Expanded password rules available in System i/OS 6.1

How to tell if you're using the right security level

Search400.com Products of the Year 2008

System values on i: Setting them up and locking i down

A guide to System i security, Part 3: Digging in to the System i security environment

Encrypting files or fields on the iSeries

RELATED GLOSSARY TERMS

Terms from Whatis.com − the technology online dictionary

CIW (Search400.com)

RELATED RESOURCES

2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems

Search Bitpipe.com for the latest white papers and business webcasts

Whatis.com, the online computer dictionary

Your trigger program doesn't have access to the location information for an external SQL request. However, you could use an Exit Point Program to intercept a transaction as it is connecting to your system and extract the source IP address information. For example: We have an Exit Point Program that interrogates all SQL initialization requests…

When a user attempts to access our server via SQL, this program extracts the information and deposits an entry like this into the system audit journal:

Object . . . . . . . :                   Library  . . . . . . :         

Member . . . . . . . :                                                  

Incomplete data  . . :   No              Minimized entry data :   *NONE 

Sequence . . . . . . :   4547878677                                     

Code . . . . . . . . :   U  - User generated entry                      

Type . . . . . . . . :   NA -


            Entry specific data                                         

Column      *...+....1....+....2....+....3....+....4....+....5          

00001      'OB172.017.000.242TOCISIN   *SQL      INIT      DBS'         

00051      'ERVER  LNS081100011200014TOCISIN   *SQL'

The IP address 172.017.000.242 and the User ID TOCISIN is now available to us for reporting purposes.

Developing Exit Point Programs can be a very complicated process. In our case we purchased and installed a product that provides Exit Point Programs for all of the available Exit Points that IBM has defined for the iSeries. This package also includes reporting functionality so we can easily determine who is accessing what on our system.

You can also define rules within this application to decide who can and who cannot access the system. If you want to keep track of who is accessing your iSeries system from the network, you will want to take a look at some of these Exit Point monitoring products. A Google search of "iSeries Network Security" will list several options, including how to write your own Exit Point Programs…

Search and Browse the Expert Answer Center
Search and browse more than 25,000 question and answer pairs from more than 250 TechTarget industry experts.

Browse our Expert Advice
Operating Systems IT Management Networking Database	Security Servers and Storage Applications and Development Career Center

iSeries Networking - Printing, Remote Access, TCP/IP

SEARCH

TechTarget provides technology professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective purchase decisions and managing their organizations' technology projects - with its network of technology-specific websites, events and online magazines.


TechTarget Corporate Web Site \| Media Kits \| Site Map All Rights Reserved, Copyright 1999 - 2009, TechTarget \| Read our Privacy Policy