Auditing system values: Audit journal error action

The Audit journal error action system value is also known as QAUDENDACN. You can use this system value to specify the action to take if the system is unable to write audit entries. The system takes the specified action when audit records are not sent to the auditing journal because of errors that occur when the journal entry is sent.

Quick reference
Location: From IBM® Navigator for i, select Configuration and Service > System Values. Right-click on Auditing and click Properties, then switch to the Journaling tab.
Special authority: Audit (*AUDIT).
Notes:
  1. To view this system value, you must have Audit (*AUDIT) or All object (*ALLOBJ) special authority.

    If you do not have the required authority, the Auditing category is not displayed in IBM Navigator for i. If you access this system value in the character-based interface, the Not available (*NOTAVL) value is displayed.

  2. To change this system value, you must have Audit (*AUDIT) special authority.
Default value: Notify, then continue.
Changes take effect: Immediately.
Lockable: Yes.
(See Lock function of security-related system values for details.)

What can I do with this system value?

You can specify the action to take whenever auditing is active and the system is not able to write entries to the audit journal.

If the security policy for your system requires that no processing occur without auditing, then you must set this value to Shut down the system (*PWRDWNSYS). For most systems, Notify, then continue (*NOTIFY) is the recommended value. This system value applies only to auditing entries sent by the operating system to the security audit journal (QAUDJRN).

This system value has the following values:

Notify, then continue (*NOTIFY)
A message is sent to the system operator's message queue once per hour until auditing is successfully activated.
Shut down the system (*PWRDWNSYS)
The system ends if the attempt to send the audit data to the security audit journal fails. When the system is powered on again, the system is in the restricted state. The Default auditing for newly created objects (QCRTOBJAUD) system value is set to None to turn auditing off. On the next restart, the user who signs on the system must have at least Audit (*AUDIT) and All Object (*ALLOBJ) special authority.
Not available (*NOTAVL)
This value is displayed if the user does not have authority to view the auditing value. You cannot set the system value to Not available (*NOTAVL). This value is only displayed when a user accessing the system value does not have either All object (*ALLOBJ) or Audit (*AUDIT) special authority.
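
The following compliance check is an added example, not part of the original documentation. It reads QAUDENDACN and QCRTOBJAUD through the IBM i service view QSYS2.SYSTEM_VALUE_INFO and reports *NOTAVL as an undetermined result rather than a failure. The required action in the policy row and the finding labels are assumptions to adapt to your site policy.

```sql
-- Added example: audit-journal error action check for IBM i (Db2 for i).
-- Run under a profile with *AUDIT or *ALLOBJ special authority; without it
-- the value reads as *NOTAVL and the result is reported as undetermined.
WITH policy (required_action) AS (
    -- Assumption: site policy. Use '*PWRDWNSYS' if no processing may
    -- occur without auditing, '*NOTIFY' otherwise.
    VALUES ('*NOTIFY')
),
sv AS (
    -- Pivot the two system values discussed on this page into one row.
    SELECT MAX(CASE WHEN SYSTEM_VALUE_NAME = 'QAUDENDACN'
                    THEN CURRENT_CHARACTER_VALUE END) AS end_action,
           MAX(CASE WHEN SYSTEM_VALUE_NAME = 'QCRTOBJAUD'
                    THEN CURRENT_CHARACTER_VALUE END) AS crtobjaud
      FROM QSYS2.SYSTEM_VALUE_INFO
     WHERE SYSTEM_VALUE_NAME IN ('QAUDENDACN', 'QCRTOBJAUD')
)
SELECT sv.end_action,
       sv.crtobjaud,
       p.required_action,
       CASE
           -- The caller cannot see the value, so no pass/fail is possible.
           WHEN sv.end_action = '*NOTAVL'
               THEN 'UNDETERMINED: caller lacks *AUDIT or *ALLOBJ'
           WHEN sv.end_action <> p.required_action
               THEN 'NONCOMPLIANT: QAUDENDACN differs from policy'
           -- With *PWRDWNSYS, the restart after a failed audit write
           -- leaves QCRTOBJAUD at None; flag that combination for review.
           WHEN sv.end_action = '*PWRDWNSYS' AND sv.crtobjaud = '*NONE'
               THEN 'COMPLIANT, REVIEW: QCRTOBJAUD is *NONE'
           ELSE 'COMPLIANT'
       END AS finding
  FROM sv
 CROSS JOIN policy p;
```

QCRTOBJAUD can also be None for reasons unrelated to an audit failure, so the REVIEW finding is a prompt to check system history, not proof of a shutdown.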