information they are not allowed to display or print.
I looked in our system journals (QAUDJRN) and did not find any information!
How can I record users' activity when they browse the records of a file?
it can't be viewed by unauthorized users. However, if you don't want to protect
your data from unauthorized use, you can have the system log who is using it.
Read Access journal entries can be generated and deposited in the
Security Audit Journal (QAUDJRN).
First you will need to turn on Security Auditing.
Read the IBM document on how to do this.
Once Security Auditing has been turned on you are ready to select objects
you want to log access for.
For example, to audit all access to a file named KENNETH/ALLGRPP, I need
to tell the system to record security events for this object.
The CHGOBJAUD command is used to do this.
CHGOBJAUD OBJ(KENNETH/ALLGRPP) OBJTYPE(*FILE) OBJAUD(*ALL)
tells the system to generate Security Audit Journal Entries for any access to this
Now, let's say I use RUNQRY to read this file:
RUNQRY QRY(*NONE) QRYFILE((KENNETH/ALLGRPP))
Since auditing has been turned for this file, the system records this access
event as a journal entry in the QAUDJRN. I can review these Security Journal Audit
Entries. This is a command that will help you do this:
DSPAUDJRNE ENTTYP(ZC) FROMTIME(073107 131220)
The output from this command shows who read file KENNETH/ALLGRPP and
when they did:
QUERY NAME . . . . . QSECZR LIBRARY NAME . . . . QSYS FILE LIBRARY MEMBER FORMAT QASYZRJ4 QTEMP QASYZRJ4 QASYZRJ4 DATE . . . . . . . . 07/31/07 TIME . . . . . . . . 13:28:48 07/31/07 13:28:48 PAGE 1 User Object Library Object Job Job Job Timestamp profile name name type name user number ZR KEG ALLGRPP KENNETH *FILE KENNETH KEG 000668 2007-07-31-13.22.09.954928
Dig Deeper on iSeries system and application security
Related Q&A from Ken Graap
The BRMS Network feature allows a BRMS system to connect to other BRMS systems via a network, and enables a user to consolidate media such as backup ... Continue Reading
The only option to correct damage preventing file journaling is to use the RCLSTG command. Continue Reading
IBM's iSeries Backup and Recovery manual answers many questions related to system backup and disaster recovery. Continue Reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.