 Need a way to audit ANY change access to selected database files.
A client has had a request from auditors that they should be able to audit every change to three critical database files when I am remotely signed on to their ISeries. They would want to turn on and off the auditing so that it is NOT on all day while being hit by 100's of customers. I vaguely remember reading about a facility in OS/400 to do just about what they want but cannot find what I am looking for. Any ideas? Thanks in advance...

ASKED: January 19, 2005  11:53 AM
UPDATED: March 12, 2010  2:17 AM

Answer Wiki:
You should create a journal receiver (CRTJRNRCV) and a journal (CRTJRN). Then you can start journaling your physical file (STRJRNPF) and end journaling the physical file (ENDJRNPF).

Regards

===========================================================

"...they should be able to audit every change to three critical database files when I am remotely signed on to their ISeries."

If these are really "critical files", then there's no problem because they're already being journaled. If there is no process of journaling or equivalent, then they cannot really be considered "critical". The organization clearly isn't concerned about anybody doing anything without tracking nor about loss of transactions or existing data.

If the request is specific to "your profile" instead of "any change when you are logged on", the triggers could discriminate and provide logging just for accesses by your profile.

Tom
Last Wiki Answer Submitted:  March 12, 2010  2:17 am  by  Ddomic   0 pts.
All Answer Wiki Contributors:  Ddomic   0 pts.
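The journaling sequence named in the Answer Wiki, written out as CL together with a DSPJRN extract of the record changes made by one profile (an added example, not part of the original answers). The library, journal, receiver, file, outfile and profile names are hypothetical placeholders, and it assumes the three files are not already journaled to another journal.

```cl
/* Added example. AUDLIB, AUDJRN, AUDRCV0001, CRITLIB/FILE1-3, CHGLOG   */
/* and CONSULTANT are hypothetical names; substitute the real ones.     */

/* One-time setup: the receiver must exist before the journal that      */
/* attaches it.                                                         */
CRTJRNRCV  JRNRCV(AUDLIB/AUDRCV0001) +
             TEXT('Receiver for audited remote sessions')
CRTJRN     JRN(AUDLIB/AUDJRN) JRNRCV(AUDLIB/AUDRCV0001) +
             TEXT('Journal for audited remote sessions')

/* Before the remote session: start journaling the three files.         */
/* IMAGES(*BOTH) records before and after images, so an update shows    */
/* the old and the new record contents. OMTJRNE(*OPNCLO) leaves out     */
/* open/close entries, which add volume without showing data changes.   */
STRJRNPF   FILE(CRITLIB/FILE1 CRITLIB/FILE2 CRITLIB/FILE3) +
             JRN(AUDLIB/AUDJRN) IMAGES(*BOTH) OMTJRNE(*OPNCLO)

/* After the remote session: stop journaling the same files.            */
ENDJRNPF   FILE(CRITLIB/FILE1 CRITLIB/FILE2 CRITLIB/FILE3) +
             JRN(AUDLIB/AUDJRN)

/* Evidence for the auditor: write the record-level entries (journal    */
/* code R) made under one user profile to an output file.               */
/*   PT = record added       UB = update, before image                  */
/*   DL = record deleted     UP = update, after image                   */
DSPJRN     JRN(AUDLIB/AUDJRN) +
             FILE((CRITLIB/FILE1) (CRITLIB/FILE2) (CRITLIB/FILE3)) +
             RCVRNG(*CURCHAIN) JRNCDE((R)) ENTTYP(PT UB UP DL) +
             USRPRF(CONSULTANT) +
             OUTPUT(*OUTFILE) OUTFILE(AUDLIB/CHGLOG)
```

While journaling is started, changes by every job are recorded, not only the remote session; the USRPRF filter on DSPJRN is what narrows the extract to one profile.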


Discuss This Question:
Journaling on the 400 is only as good as the person or product that can scrum through the journal entries and decipher what the codes mean.
If your client is looking to merely satisfy an auditor, “we’ve turned journaling on” is acceptable. The only thing they should watch out for is the next audit where the auditors ask for an example of how the changes are being tracked. Blank stares and a no-go on that part of the audit if they don’t have a product or program written in-house to give a list of changes.
You might want to ‘check out’ the PFs as a copy to make your changes and then run a query against the old copy (in production) and your modified copy. One word of warning though, if the client has a high availability solution in place this sort of change management might make it unhappy.
With SOX and all of the other standards creating an auditor feeding frenzy, you should encourage your client to procure a product similar to datathread by innovatum (I don’t work for or use the product but saw them at Common last Spring) http://www.innovatum.com/datathread.php or develop a change management product like turnover. It might save them some fines and, if you are a reseller, make you some money.
