Commands will then be logged in the Audit Journal. If you don't currently have an Audit Journal, instructions for setting one up are here:
Display the Audit Journal entries with Entry Type "CD" to view the commands. You can view these entries manually with the command DSPJRN JRN(QSYS/QAUDJRN) JRNCDE((T)) ENTTYP(CD) or you can display them to an outfile and run a query against it. Position 30 of the Entry specific data will have either a Y (indicating that the command was run from a CL program) or an N (indicating that the command was called from a command line or a menu option.)
For additional help with the Audit Journal, see Chapter 9 and Appendix F of the iSeries Security Reference, SC41-5302.
Dig Deeper on iSeries system performance and monitoring
Related Q&A from Scott Ingvaldson
When encountering problems using the SNDDST command to send a *LMSG on the iSeries, specify a valid SMTP name in the directory entry of the sender to... Continue Reading
When the HTTPS 443 port is not accessible from interned but is open within the local network, open the port for incoming connections by recognizing ... Continue Reading
If you receive an error following a QUSRSYS install on AS/400, you may need to reinstall while keeping a backup of the previous library because it ... Continue Reading