iSeries audit log protection

Tags:
AS/400 compliance
AS/400 security
Audit Journal
iSeries
How are iSeries audit logs protected (e.g., who can access them? Can they be changed?)
ASKED: June 26, 2008  6:49 PM
UPDATED: November 3, 2009  11:48 PM

Answer Wiki

Thanks. We'll let you know when a new response is added.

Hi,

Which audit logs do you mean? Normally system logs on the AS/400 cannot be changed. Access is controlled by user authorities, but can be specifically granted or revoked.

Regards,

Martin Gilbert.

Discuss This Question: 1  Reply

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when members answer or reply to this question.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
  • TomLiotta
    "Audit logs" should normally refer to journals (and their associated journal receivers). Most common would be system audit journal, QAUDJRN, and database journals created by system users. There are no interfaces exposed to programmers that allow changes to existing entries in any journal receiver. AFAIK, the interfaces that could cause a change to an entry, including removal of an entry but not including deletion of the receiver objects themselves, are not even surfaced above the virtual machine layer to the operating system itself. So, although receivers and journals are objects that can be deleted when sufficient authority is granted, the entries are secure. Also, entries can not be added into the receivers that can look like actual audit entries. A "forged" entry would have an entry code that identified it as a non-system entry. (Someone who programs to the virtual machine level could circumvent system controls, but who would configure their system to allow that?) Tom
    125,585 pointsBadges:
    report

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

To follow this tag...

There was an error processing your information. Please try again later.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Thanks! We'll email you when relevant content is added and updated.

Following