AS400 Security Audit

10 pts.
Tags:
AS/400 administration
AS/400 security
Security audits
How do you perform a security audit for user access on the AS400?

Software/Hardware used:
AS400 Financials, Employee management and Human resource management

Answer Wiki

Thanks. We'll let you know when a new response is added.

much of the infomation you seek can be found in the history, if you write some programs to interpet it. many software packages have audit files to show who touched a record last, and possibly who accessed a specific menu option.

otherwise, you need to write to a file for every menu option, record access, etc.

you can use DspUsrPrf (Display User Profile) to an output (*OUTFILE) to get a list of users in a file and then use Query/400 to print various reports of your own design to get a grasp on your users and their authorities and ancillary information.

-Sarge

Discuss This Question: 2  Replies

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when members answer or reply to this question.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
  • EmNichs
    You may find this posting about AS400 auditing helpful.
    3,250 pointsBadges:
    report
  • TomLiotta
    How do you perform a security audit... The first step you need to perform is to supply some definitions. Without definitions as your starting point, you can't get very far. What do you mean by "audit"? What is the "user access" that you are interested in? Do you want to review capabilities of a particular user or all users? And do you want to review capabilities or activities? Do you want to know what your users may access, or do you want to know who can access your users (user profiles)? Or do you want to know if anyone has accessed your users? What networking servers does the system have active? Are IP filter rules active? Are there function usage rules activated? Are you using exit programs for any of your active servers? How are your users authenticated? Do you allow direct logons or are you authenticating through a service such as kerberos? What system-level auditing rules are set? Do you have your audit journal available in order even to start a review? Do you have a policy that you intend to audit against? If not, how will you determine what your results mean? What (or who) is the audit for? Tom (Disclaimer: I am a developer for an employer that supplies networking security and system auditing software for System i. I can answer particular specific technical questions and help develop general plans, but I'll be restricted in how I answer this type of question.)
    125,585 pointsBadges:
    report

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

To follow this tag...

There was an error processing your information. Please try again later.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Thanks! We'll email you when relevant content is added and updated.

Following