Auditing in ALL areas if the iSeries.
That would take quite a bit to do on this list.
Can you be more specific as to what you want to audit?
Who signed on? and when?
What objects were used by whom and what program?
What data records where modified?
What System values were changed?
When were invalid signon attempts tried?
The list can go on.
<a href=”http://publib.boulder.ibm.com/infocenter/iseries/v5r4/index.jsp?topic=/rzamv/rzamvmonitorsec.htm”>V5R4 audit basics</a>
The first topic listed on that page is ‘Planning security auditing’. Although it’s for V5R4, it’ll mostly be appropriate. (You didn’t supply a version/release.)
The topics that follow it are also needed in order to get a good discussion going.
To see what settings might already be active, run DSPSECAUD.
Do <b>NOT</b> run any commands such as CHGSECAUD until you <b>KNOW</b> what they’ll do.