Auditing User Access in AS/400

2480 pts.
Tags:
AS/400 administration
AS/400 audit
AS/400 journaling
Auditing
I am trying to figure out how to audit user access at the record level. In the Audit Journal the entry types ZC and ZR tell me at the file level who has opened a file for Change or Read.

In the Journal, the Journal code of R along with the type code will give me information on who has added, deleted or changed records.

Is there a way to see at the record level what records they have viewed ?

Thank You,

Bill Poulin



Software/Hardware used:
IBM i OS, V6R1, IBM Power 6

Answer Wiki

Thanks. We'll let you know when a new response is added.
Send me notifications when members answer or reply to this question.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Discuss This Question: 2  Replies

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when members answer or reply to this question.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
  • TomLiotta
    AFAIK, the only useful feature at the system level would be an *AFTER/*READ trigger. The trigger would log some row identifier/key, the user, the timestamp and perhaps the program. The logging might be done via SNDJRNE or the Send Journal Entry (QJOSJRNE) API. The journal entry itself will contain some useful data elements so that the trigger doesn't have to supply those. If such logging is required, logging in a journal is probably best and easiest. You'd possibly want to save and generate receivers regularly. The journal should perhaps be created with JRNCACHE(*YES), though that does carry some small risk. Any "read" logging at the row level necessarily brings up the issue of volume. You might put some limited intelligence into the trigger program to bypass entries caused by significant batch processes for example. Tom
    125,585 pointsBadges:
    report
  • wpoulin
    Tom, I came to a similar solution re; using the SNDJRNE with a Journal code of U, User Defined. Although instead of using a trigger I am going to suggest we add it to selected Inquiry Programs to avoid creating entries for batch and subfile processing. I thank you for your input. Bill Poulin
    2,480 pointsBadges:
    report

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

To follow this tag...

There was an error processing your information. Please try again later.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Thanks! We'll email you when relevant content is added and updated.

Following