ibm-information-center/dist/eclipse/plugins/i5OS.ic.rzaki_5.4.0.1/rzakijrnaudit.htm

100 lines
6.3 KiB
HTML
Raw Normal View History

2024-04-02 14:02:31 +00:00
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE html
PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us" xml:lang="en-us">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="security" content="public" />
<meta name="Robots" content="index,follow" />
<meta http-equiv="PICS-Label" content='(PICS-1.1 "http://www.icra.org/ratingsv02.html" l gen true r (cz 1 lz 1 nz 1 oz 1 vz 1) "http://www.rsac.org/ratingsv01.html" l gen true r (n 0 s 0 v 0 l 0) "http://www.classify.org/safesurf/" l gen true r (SS~~000 1))' />
<meta name="DC.Type" content="concept" />
<meta name="DC.Title" content="Manage security for journals" />
<meta name="abstract" content="Use journal management to provide an audit trail of changes that were made to your objects. You can determine which program or user made changes to objects by using the journal entries." />
<meta name="description" content="Use journal management to provide an audit trail of changes that were made to your objects. You can determine which program or user made changes to objects by using the journal entries." />
<meta name="DC.Relation" scheme="URI" content="rzakimanagejrn.htm" />
<meta name="DC.Relation" scheme="URI" content="../books/sc415302.pdf" />
<meta name="DC.Relation" scheme="URI" content="../rzahg/rzahgicsecurity.htm" />
<meta name="copyright" content="(C) Copyright IBM Corporation 2004, 2006" />
<meta name="DC.Rights.Owner" content="(C) Copyright IBM Corporation 2004, 2006" />
<meta name="DC.Format" content="XHTML" />
<meta name="DC.Identifier" content="rzakijrnaudit" />
<meta name="DC.Language" content="en-us" />
<!-- All rights reserved. Licensed Materials Property of IBM -->
<!-- US Government Users Restricted Rights -->
<!-- Use, duplication or disclosure restricted by -->
<!-- GSA ADP Schedule Contract with IBM Corp. -->
<link rel="stylesheet" type="text/css" href="./ibmdita.css" />
<link rel="stylesheet" type="text/css" href="./ic.css" />
<title>Manage security for journals</title>
</head>
<body id="rzakijrnaudit"><a name="rzakijrnaudit"><!-- --></a>
<!-- Java sync-link --><script language="Javascript" src="../rzahg/synch.js" type="text/javascript"></script>
<h1 class="topictitle1">Manage security for journals</h1>
<div><p>Use journal management to provide an audit trail of changes that
were made to your objects. You can determine which program or user made changes
to objects by using the journal entries.</p>
<p>By specifying the FIXLENDTA parameter of the Change Journal (CHGJRN) or
Create Journal (CRTJRN) commands you can specify that the following data is
included in the journal entry:</p>
<ul><li>The job name.</li>
<li>The effective user profile name.</li>
<li>The program name.</li>
<li>The program library name and the auxiliary storage pool device name that
contains the program library.</li>
<li>The system sequence number. The system sequence number gives a relative
sequence to all journal entries in all journal receivers on the system.</li>
<li>The remote address, the address family and the remote port.</li>
<li>The thread identifier. The thread identifier helps distinguish between
multiple threads running in the same job.</li>
<li>The logical unit of work identifier. The logical unit of work identifies
work related to specific commit cycles.</li>
<li>The transaction identifier. The transaction identifier identifies transactions
related to specific commit cycles.</li>
</ul>
<p><img src="./delta.gif" alt="Start of change" />For database physical files, you can determine what changes
were made to specific records by using the <span class="cmdname">Compare Journal Images
(CMPJRNIMG)</span> command. However, you cannot use the <span class="cmdname">CMPJRNIMG</span> command
for journal entries that have minimized entry-specific data. If you specified
the MINENTDTA(*FILE) or MINENTDTA(*FLDBDY) parameter on the <span class="cmdname">Create
Journal (CRTJRN)</span> or <span class="cmdname">Change Journal (CHGJRN)</span> commands,
you might have minimized entry-specific data.<img src="./deltaend.gif" alt="End of change" /></p>
<p>Use Journal management to provide an audit trail because of the following
reasons:</p>
<ul><li>No one, even the security officer, can remove or change the journal entries.</li>
<li>Journal entries represent a chronological sequence of events.</li>
<li>Each journal entry in the system is sequentially numbered without gaps
until the CHGJRN command resets the sequence number.<div class="note"><span class="notetitle">Note:</span> When you display
the journal entries, there can be gaps in the sequence numbers because some
journal entries are only used internally by the system. These gaps occur if
you are using commitment control, database file journaling, or access-path
journaling. To view the entries in the gaps, you can use the INCHIDENT parameter
on the <span class="cmdname">Display Journal (DSPJRN)</span> command.</div>
</li>
<li>The journal contains entries that indicate when each journal receiver
was changed and the name of the next journal receiver in the chain.</li>
<li>Whenever journaling for an object is ended or whenever an object is restored
an entry is written.</li>
</ul>
<p>Remember that the date and time recorded in the journal entries depends
on the date and time entered during an IPL and therefore, may not represent
the actual date and time. Also, if you use shared files, the program name
that appears in the journal entry is the name of the program that first opened
the shared file.</p>
<p>A special journal, that is called the audit (QAUDJRN) journal, can provide
a record of many security-relevant events that occur on the system. See the iSeries™ Security
Reference for information about the QAUDJRN journal.</p>
<p>For more information about security on your iSeries server, see the Security topic.</p>
</div>
<div>
<div class="familylinks">
<div class="parentlink"><strong>Parent topic:</strong> <a href="rzakimanagejrn.htm" title="Provides tasks to manage your journaling environment.">Manage journals</a></div>
</div>
<div class="relconcepts"><strong>Related concepts</strong><br />
<div><a href="../rzahg/rzahgicsecurity.htm">Security</a></div>
</div>
<div class="relinfo"><strong>Related information</strong><br />
<div><a href="../books/sc415302.pdf" target="_blank">iSeries Security Reference PDF</a></div>
</div>
</div>
</body>
</html>