Users of a program.

I'm trying to get a list of programs that a users access over a particular period (for security reasons. I've tried Job Accounting but that doesn't give me the correct info. Journaling also doesn't seem to give programs used by user. Any help would be appreciated. Regards

Answer Wiki

Thanks. We'll let you know when a new response is added.

Try the Audit journal. This is specifically made to follow access to whatever you want. In the following link
you can find under chapter Security the complete guidelines about Auditing.


Yoiu can do this by enabling object auditing and setting the attribute on for all programs on your system. Use CHGOBJAUD to set attributes on the program object.

But the idea is totally nuts.

Your system would be buried under audit log entries in no time. Do you have the slightest clue how many programs are called by your users in, say, a one-hour work period? Imagine a table update then ran through a hundred thousand rows of a table updating a column… with a trigger attached. And are you only going to track your own apps? Or would “security” require tracking any calls to operating system programs too? How about DB2 programs? System programs that wrote to display screens? Would you track QT3REQIO?

The request to audit program accesses is insane. (Every time an audit transaction is created, multiple programs are called. Each one would generate audit transactions, each one of which would call multiple programs, etc., etc., etc…)

I <b>have</b> to assume that you are referring <b>only</b> to a very limited list of important application programs. If so, CHGOBJAUD will do it. Otherwise, whoever made the request is nuts.


Discuss This Question: 1  Reply

There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when members answer or reply to this question.
  • Teandy
    If you are worried about security, then the first thing I would do would be to make sure that the user profile in question only has user authority, no ALLOBJ, SECADM, IOSYSCFG, etc, etc, etc.... The next thing I would do would be to secure all programs that access sensitive data either by user or by authorization list. These are only two things off the top of my head and certainly not everything that should be considered.
    5,860 pointsBadges:

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

To follow this tag...

There was an error processing your information. Please try again later.

Thanks! We'll email you when relevant content is added and updated.


Share this item with your network: