Home > IT Answers > AS/400 > WRKJOBSCHDE – who deleted the job?
IS Questions
105 pts.
 WRKJOBSCHDE – who deleted the job?
WRKJOBSCDE
How can I find out who deleted jobs in the native AS/400 jobs scheduler?

Software/Hardware used:
i5 OS/400
ASKED: April 5, 2010  6:07 PM
UPDATED: April 24, 2010  1:40 AM
RELATED QUESTIONS
Answer Wiki:
Review your system audit journal, QAUDJRN. Look for T/CD entries for RMVJOBSCDE. Or look for T/ZC entries for the QDFTJOBSCD *JOBSCD object. Both of those assume that your system is auditing appropriately. For the first, you'd be auditing commands run by users. For the second, you'd be doing object auditing for the default *JOBSCD object. If neither of those apply, then you might get lucky by scanning joblogs at random. If you aren't doing auditing, you can't review audit events later. Tom
Last Wiki Answer Submitted:  April 5, 2010  10:01 pm  by  TomLiotta   107,735 pts.
All Answer Wiki Contributors:  TomLiotta   107,735 pts.
To see all answers submitted to the Answer Wiki: View Answer History.


RSS - Discussions Help
Discuss This Question:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

 

Thank you Tom. This is very helpful.

IS Questions
 105 pts.
 

For others reading this later –

Note that no “jobs” would have been deleted. Instead, what would be deleted would be “entries” in the job scheduler. There wouldn’t be any system audit entries related to “jobs” anywhere. But because the job scheduler object is changed when entries are added to or removed from it, audit entries may be logged for the changed object.

It sometimes can be misleading because terms get used slightly inaccurately. Most of us implicitly understand, but it can some experience before it becomes automatic.

Tom

TomLiotta
 107,735 pts.