IBM Support What's New?

'db2audit extract' returns AUD0036N

Technote (troubleshooting)


Problem(Abstract)

Extraction of audit log using db2audit utility returns,

AUD0036N Extract can not be performed on the active audit log file "file-name"

Symptom

This could be demonstrated as follows:

$ db2 "CREATE AUDIT POLICY SENSITIVEDATAPOLICY CATEGORIES EXECUTE STATUS BOTH ERROR TYPE AUDIT"
DB20000I The SQL command completed successfully.

$ db2 "AUDIT TABLE EMPLOYEE USING POLICY SENSITIVEDATAPOLICY"
DB20000I The SQL command completed successfully.

$ db2 "select * from employee"

$ ls /home/db2inst1/sqllib/security/auditdata

db2audit.db.SAMPLE.log.0

$ db2audit extract file report.out from files /home/db2inst1/sqllib/security/auditdata/db2audit.db.SAMPLE.log.0

AUD0036N Extract can not be performed on the active audit log file "/home/db2inst1/sqllib/security/auditdata/db2audit.db.SAMPLE.log.0".

AUD0001N Operation failed.

Cause

The audit log file has not been archived and hence is still active.

Resolving the problem

The problem may be resolved as follows:


$ mkdir /home/db2inst1/sqllib/security/audarchive

$ db2audit archive database sample to /home/db2inst1/sqllib/security/audarchive

Node AUD Archived or Interim Log File
Message
-------- -------- ---------------------------------------------------
0 AUD0000I db2audit.db.SAMPLE.log.0.20130402014335

AUD0000I Operation succeeded.

$ db2audit extract file report.out from files /home/db2inst1/sqllib/security/audarchive/db2audit.db.SAMPLE.log.0.20130402014335

AUD0000I Operation succeeded.


Related information

db2audit
AUD0036N

Document information

More support for: DB2 for Linux, UNIX and Windows
Monitor - Db2Audit

Software version: 9.5, 9.7

Operating system(s): AIX, HP-UX, Linux, Solaris

Reference #: 1633218

Modified date: 2013-04-05