Check for invalid log-on attempts
Is there a command I could use to check for invalid log-on attempts. I know I could use DSPLOG for MSGID CPF1393, but is there a way of passing info such as user, device and subsystem to an outfile to query later on?
QASYxxJn where xx is the entry type, in this case PW, and n is the journal type – the higher the number, the more information in the entry. If you're running V5R2, you can use type five otherwise I recommend type four. The iSeries Security Reference manual, Appendix F contains the layout of each of the auditing model outfiles. The manual is available in PDF form on the IBM Information Center.
In this case, you'll want to create a duplicate object of the QSYS/QASYAFJ5 entry and then specify this on the OUTFILE parameter on the DSPJRN command as follows:
You can then look at the contents of the entire file or query to find the exact information you're looking for.
Dig Deeper on iSeries system and application security
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.
Meet all of our AS/400 experts
View all AS/400 questions and answers
Start the conversation
0 comments