Using CHGSECAUD to set up security auditing
Overview:
Using the CHGSECAUD command, you can activate system security auditing
for actions by ensuring that the security journal exists, setting the QAUDCTL
system value to *AUDLVL, and setting the QAUDLVL system value to the default
set of values. The default set includes *AUTFAIL, *CREATE, *DELETE, *SECURITY,
and *SAVRST action audits.
CHGSECAUD QAUDCTL(*AUDLVL) QAUDLVL(*DFTSET)
- Purpose:
- Set up the system to collect security events in the QAUDJRN journal.
- How To:
-
CHGSECAUD
DSPSECAUD - Authority:
-
The user must have *ALLOBJ and *AUDIT special authority.
- Journal Entry:
-
CO (create object)
SV (system value change)
AD (object and user audit changes) - Note:
- The CHGSECAUD command creates the journal and journal receiver if it does not exist. The CHGSECAUD then sets the QAUDCTL, QAUDLVL, and QAUDLVL2 system values.