 how to display a QSECOFR log
Hi, I just want to know how I can display the logs of QSECOFR. How do I display the Audit Journal Receiver, where I can read all the commands that QSECOFR ran?

Thanks,



Software/Hardware used:
as400
ASKED: August 12, 2009  5:47 AM
UPDATED: August 17, 2009  8:18 AM

Answer Wiki:
If the QSECOFR is active you can go to WRKACTJOB and take option 5 against QSECOFR and then take option 10 and press F10 to see all the commands done by him. If he is not active then you can do WRKUSRJOB and F4 and give QSECOFR in USER parameter and then you can take option 5 (work with job) against the desired job.

----------

The above only gives you the job log for the active job. If you are looking for security audit information it is a bit more involved.

First of all you need *AUDIT authority. Then you need to set up and start auditing. GO SECTOOLS - Use the option to Change Security Auditing if you are not doing auditing now. See the Help on the option for detailed information, but in general you will need the QAUDCTL value set for *AUDLVL and then the Auditing values set for what you want to check for. This option will start security auditing if it is not already running.

Then, to check the audit log, use either the DSPAUDJRNE command or the CPYAUDJRNE command. One of these will be available from the SECTOOLS menu - based on what O/S you are running. The Display command runs the entries out to a spooled file or the screen. The Copy command generates one or more files based on what journal entries you are looking for. Either command allows you to filter based on a User Profile.

If you are not running security auditing now and you turn it on, just be aware that it can generate quite a bit of data in the audit journal receivers.

Regards
Mike

----------

Remember to clean up your audit journal receivers as they can potentially take up a lot of DASD. You can specify the name and library of the jrnrcv on the last screen of CHGSECAUD.

----------

As to allowing users to view *ALLOBJ users' joblogs without giving a user additional rights you could also look in the Function Usage commands.
GO CMDFCNUSG

Peter
Last Wiki Answer Submitted:  August 13, 2009  8:20 am  by  Whatis23   5,665 pts.
All Answer Wiki Contributors:  Whatis23   5,665 pts. , mcl   2,725 pts. , Herbina   325 pts.
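Added example, not part of the original thread: the audit-journal procedure from the Answer Wiki written out as CL commands, run from a profile with *AUDIT special authority. The per-user CHGUSRAUD step, the CD (command string) entry type, the QAUDLVL(*SECURITY) setting and the QTEMP/QAUDIT output prefix are assumptions chosen for the "what commands did QSECOFR run" case and are not named in the answers above.

```cl
/* Added example: record and review the commands run by QSECOFR.       */
/* Requires *AUDIT special authority.                                  */

/* 1. Check what is already configured. If auditing is running, skip   */
/*    step 2 so the existing QAUDCTL/QAUDLVL values are not replaced.  */
DSPSECAUD

/* 2. Start security auditing. QAUDCTL(*AUDLVL) activates the system   */
/*    QAUDLVL values and any per-user AUDLVL values set in step 3.     */
/*    QAUDLVL(*SECURITY) is an assumed choice; pick what you need.     */
CHGSECAUD QAUDCTL(*AUDLVL) QAUDLVL(*SECURITY)

/* 3. Ask for command strings to be logged for this one profile.       */
/*    Only commands run after this point produce CD entries.           */
CHGUSRAUD USRPRF(QSECOFR) AUDLVL(*CMD)

/* 4a. Display: CD entries for QSECOFR from the current receiver,      */
/*     written to a spooled file.                                      */
DSPAUDJRNE ENTTYP(CD) USRPRF(QSECOFR) JRNRCV(*CURRENT) OUTPUT(*PRINT)

/* 4b. Copy: the same entries from the whole receiver chain into an    */
/*     output file. The entry type is appended to the prefix, so this  */
/*     creates QTEMP/QAUDITCD.                                         */
CPYAUDJRNE ENTTYP(CD) OUTFILE(QTEMP/QAUDIT) JRNRCV(*CURCHAIN) +
           USRPRF(QSECOFR)

/* 5. Browse the copied entries.                                       */
RUNQRY QRY(*NONE) QRYFILE((QTEMP/QAUDITCD))
```

Entries exist only from the moment auditing is switched on, so this cannot recover commands QSECOFR ran before steps 2 and 3.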


Discuss This Question:


 

Unless you are yourself a SECOFR, then it’s unlikely you can view the joblog.

i5 is choosy about who can see anything they are not authorised to.

Perhaps you need a quiet room and produce a ‘security policy’ to state who can see what, and who should have what level of authority – between users, technical staff, and geeks.

 5,505 pts.

 

The WRKFCNUSG can be used to allow a user with *JOBCTL to view the joblog of *ALLOBJ users.
The Function is QIBM_ACCESS_ALLOBJ_JOBLOG.

 2,280 pts.