Prevent a user from deleting the DFU Audit Log?

How can I prevent the user, who has an UPDDTA authority, from deleting the DFU Audit Log?

The DFU audit log is actually a spooled file. If you can specify which outq the audit log goes to, specify that the spooled file goes to a secured outq. If the user has *JOBCTL special authority, make sure you send the spooled file to an outq that was created with OPRCTL(*NO) so they cannot manipulate the spooled file. If the user has *SPLCTL special authority, you cannot prevent them from deleting the spooled file.

==================================
MORE INFORMATION ON THIS TOPIC
==================================

The Best Web Links: Tips, tutorials and more.

Search400.com's targeted search engine: Get relevant information on security.

Ask your systems management questions--or help out your peers by answering them--in our live discussion forums.

Read this Search400.com Featured Topic: Secure your iSeries

Prevent a user from deleting the DFU Audit Log?

Dig Deeper on iSeries system and application security

Printing from the iSeries

Common AS/400 commands

Creating a remote output printing queue from the AS/400

How can I save and restore spool file data as part of my backup/recovery process?

Related Q&A from Carol Woodbury

Changing password security levels and upgrading operating systems on the IBM i

Resolving AS/400 error messages regarding attempts to use an object without authority

Determine the value of parameter UPPWEI in the DSPUSRPRF field

SearchDataCenter

Get a template to estimate server power consumption per rack

When the chips are down, Intel turns to VMware's Pat Gelsinger

Intel CEO Bob Swan to be replaced by VMware's Pat Gelsinger