Need a way to audit ANY change access to selected database files.

pts.
Tags:
Auditing
Policies
Security management
A client has had a request from auditors that they should be able to audit every change to three critical database files when I am remotely signed on to their ISeries. They would want to turn on and off the auditing so that it is NOT on all day while being hit by 100's of customers. I vaguely remember raeding about a facility in OS/400 to do just about what they want but cannot find what I am looking for. Any ideas? Thanks in advance...

Answer Wiki

Thanks. We'll let you know when a new response is added.

You should create journal receiver (CRTJRNRCV) and journal (CRTJRN). Then you can start journaling your fhysical file (STRJRNPF) and end journaling fhysical file (ENDJRNPF).
Regards

===========================================================

<i>…they should be able to audit every change to three critical database files when I am remotely signed on to their ISeries.</i>

If these are really “critical files”, then there’s no problem because they’re already being journaled. If there is no process of journaling or equivalent, then they cannot really be considered “critical”. The organization clearly isn’t concerned about anybody doing anything without tracking nor about loss of transactions or existing data.

If the request is specific to <i>your profile</i> instead of <i>any change when you are logged on</i>, the triggers could discriminate and provide logging just for accesses by your profile.

Tom

Discuss This Question: 1  Reply

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when members answer or reply to this question.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
  • GoSaveOption21
    Journaling on the 400 is only as good as the person or product that can scrum through the journal entries and decifer what the codes mean. If your client is looking to merely satisfy an auditor "we've turned journaling on" is acceptable. The only thing they should watch out for is the next audit where the auditors ask for an example of how the changes are being tracked. Blank stares and a no-go on that part of the audit if they don't have a product or program written in-house to give a list of changes. You might want to 'check out' the PFs as a copy to make your changes and then run a query against the old copy (in production) and your modified copy. One word of warning though, if the client has a high availability solution in place this sort of change management might make it unhappy. With SOX and all of the other standards creating an auditor feeding frenzy you should encourage your client to procure a product similar to datathread by innovatum (I don't work for or use the product but saw them at Common last Spring)http://www.innovatum.com/datathread.php or develop a change management product like turnover. It might save them some fines and, if you are a reseller make you some money.
    0 pointsBadges:
    report

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

To follow this tag...

There was an error processing your information. Please try again later.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Thanks! We'll email you when relevant content is added and updated.

Following