friedkiwi/ibm-information-center
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
6290434003
ibm-information-center/dist/eclipse/plugins/i5OS.ic.rzamv_5.4.0.1/rzamvqaudlvl.htm

197 lines
11 KiB
HTML
Raw Normal View History

Add readme and dist folders
2024-04-02 14:02:31 +00:00
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE html
PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us" xml:lang="en-us">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="security" content="public" />
<meta name="Robots" content="index,follow" />
<meta http-equiv="PICS-Label" content='(PICS-1.1 "http://www.icra.org/ratingsv02.html" l gen true r (cz 1 lz 1 nz 1 oz 1 vz 1) "http://www.rsac.org/ratingsv01.html" l gen true r (n 0 s 0 v 0 l 0) "http://www.classify.org/safesurf/" l gen true r (SS~~000 1))' />
<meta name="DC.Type" content="concept" />
<meta name="DC.Title" content="Audit level" />
<meta name="abstract" content="The QAUDLVL system value allows you to control which security-related events are logged to the security audit journal (QAUDJRN) for all system users." />
<meta name="description" content="The QAUDLVL system value allows you to control which security-related events are logged to the security audit journal (QAUDJRN) for all system users." />
<meta name="DC.Relation" scheme="URI" content="rzamvauditsysval.htm" />
<meta name="copyright" content="(C) Copyright IBM Corporation 2006" />
<meta name="DC.Rights.Owner" content="(C) Copyright IBM Corporation 2006" />
<meta name="DC.Format" content="XHTML" />
<meta name="DC.Identifier" content="qaudlvl" />
<meta name="DC.Language" content="en-us" />
<!-- All rights reserved. Licensed Materials Property of IBM -->
<!-- US Government Users Restricted Rights -->
<!-- Use, duplication or disclosure restricted by -->
<!-- GSA ADP Schedule Contract with IBM Corp. -->
<link rel="stylesheet" type="text/css" href="./ibmdita.css" />
<link rel="stylesheet" type="text/css" href="./ic.css" />
<title>Audit level</title>
</head>
<body id="qaudlvl"><a name="qaudlvl"><!-- --></a>
<!-- Java sync-link --><script language="Javascript" src="../rzahg/synch.js" type="text/javascript"></script>
<h1 class="topictitle1">Audit level</h1>
<div><p>The QAUDLVL system value allows you to control which security-related
events are logged to the security audit journal (QAUDJRN) for all system users.</p>
<ul><li>Name in the character-based interface: <strong>QAUDLVL</strong></li>
<li>Name in the iSeries™ Navigator
interface: <strong>activate action auditing</strong></li>
<li><strong>Description:</strong> The QAUDLVL system value allows you to control which
security-related events are logged to the security audit journal (QAUDJRN)
for all system users. This system value is controlled by the QAUDCTL system
value. For the QAUDLVL system value to take effect, the QAUDCTL system value
must include *AUDLVL. You can specify more than one value for the QAUDLVL
system value, unless you specify *NONE.</li>
<li><strong>Recommended Values:</strong> The recommended values will log the following
information on your system: <ul><li>*AUTFAIL<ul><li>All access failures (signon, authorization, job submission)</li>
<li>Incorrect password or user ID entered from a device</li>
</ul>
</li>
<li>*PGMFAIL<ul><li>Blocked instruction</li>
<li>Validation value failure</li>
<li>Domain violation</li>
</ul>
</li>
<li>*JOBDTA<ul><li>Job start and stop data</li>
<li>Hold, release, stop, continue, change, disconnect, end, end abnormal,
PSR-attached to prestart job entries</li>
</ul>
</li>
</ul>
</li>
</ul>
<div class="tablenoborder"><a name="qaudlvl__taudlvl"><!-- --></a><table cellpadding="4" cellspacing="0" summary="" id="qaudlvl__taudlvl" width="100%" frame="border" border="1" rules="all"><caption>Table 1. Possible Values for
the QAUDLVL System Value</caption><thead align="left"><tr valign="bottom"><th valign="bottom" width="25.125628140703515%" id="d0e66">Auditing value</th>
<th valign="bottom" width="74.87437185929649%" id="d0e68">Description</th>
</tr>
</thead>
<tbody><tr><td valign="top" width="25.125628140703515%" headers="d0e66 "><u>*NONE</u></td>
<td valign="top" width="74.87437185929649%" headers="d0e68 ">No events controlled by the QAUDLVL or QAUDLVL2 system
values are logged. Events are logged for individual users based on the AUDLVL
values of user profiles.</td>
</tr>
<tr><td valign="top" width="25.125628140703515%" headers="d0e66 "><span>*ATNEVT</span></td>
<td valign="top" width="74.87437185929649%" headers="d0e68 "><span>Conditions that require further evaluation
to determine the condition's security significance are audited.</span></td>
</tr>
<tr><td valign="top" width="25.125628140703515%" headers="d0e66 ">*AUDLVL2</td>
<td valign="top" width="74.87437185929649%" headers="d0e68 ">Both QAUDLVL and QAUDLVL2 system values will be used
to determine the security actions to be audited.</td>
</tr>
<tr><td valign="top" width="25.125628140703515%" headers="d0e66 ">*AUTFAIL</td>
<td valign="top" width="74.87437185929649%" headers="d0e68 ">Authority failure events are logged.</td>
</tr>
<tr><td valign="top" width="25.125628140703515%" headers="d0e66 ">*CREATE</td>
<td valign="top" width="74.87437185929649%" headers="d0e68 ">Object create operations are logged.</td>
</tr>
<tr><td valign="top" width="25.125628140703515%" headers="d0e66 ">*DELETE</td>
<td valign="top" width="74.87437185929649%" headers="d0e68 ">Object delete operations are logged.</td>
</tr>
<tr><td valign="top" width="25.125628140703515%" headers="d0e66 ">*JOBDTA</td>
<td valign="top" width="74.87437185929649%" headers="d0e68 ">Actions that affect a job are logged.</td>
</tr>
<tr><td valign="top" width="25.125628140703515%" headers="d0e66 ">*NETBAS</td>
<td valign="top" width="74.87437185929649%" headers="d0e68 ">Network base functions are audited.</td>
</tr>
<tr><td valign="top" width="25.125628140703515%" headers="d0e66 ">*NETCLU</td>
<td valign="top" width="74.87437185929649%" headers="d0e68 ">Cluster and cluster resource group operations are audited.</td>
</tr>
<tr><td valign="top" width="25.125628140703515%" headers="d0e66 ">*NETCMN</td>
<td valign="top" width="74.87437185929649%" headers="d0e68 ">Network and communication functions are audited. <div class="p">*NETCMN
is composed of several values to allow you to better customize your auditing: <p>*NETBAS<br />
*NETCLU<br />
*NETFAIL<br />
*NETSCK</p>
</div>
</td>
</tr>
<tr><td valign="top" width="25.125628140703515%" headers="d0e66 ">*NETFAIL</td>
<td valign="top" width="74.87437185929649%" headers="d0e68 ">Network failures are audited.</td>
</tr>
<tr><td valign="top" width="25.125628140703515%" headers="d0e66 ">*NETSCK</td>
<td valign="top" width="74.87437185929649%" headers="d0e68 ">Socket tasks are audited.</td>
</tr>
<tr><td valign="top" width="25.125628140703515%" headers="d0e66 ">*OBJMGT</td>
<td valign="top" width="74.87437185929649%" headers="d0e68 ">Object move and rename operations are logged.</td>
</tr>
<tr><td valign="top" width="25.125628140703515%" headers="d0e66 ">*OFCSRV</td>
<td valign="top" width="74.87437185929649%" headers="d0e68 ">Changes to the system distribution directory and office
mail actions are logged.</td>
</tr>
<tr><td valign="top" width="25.125628140703515%" headers="d0e66 ">*OPTICAL</td>
<td valign="top" width="74.87437185929649%" headers="d0e68 ">Use of Optical Volumes is logged.</td>
</tr>
<tr><td valign="top" width="25.125628140703515%" headers="d0e66 ">*PGMADP</td>
<td valign="top" width="74.87437185929649%" headers="d0e68 ">Obtaining authority from a program that adopts authority
is logged.</td>
</tr>
<tr><td valign="top" width="25.125628140703515%" headers="d0e66 ">*PGMFAIL</td>
<td valign="top" width="74.87437185929649%" headers="d0e68 ">System integrity violations are logged.</td>
</tr>
<tr><td valign="top" width="25.125628140703515%" headers="d0e66 ">*PRTDTA</td>
<td valign="top" width="74.87437185929649%" headers="d0e68 ">Printing a spooled file, sending output directly to
a printer, and sending output to a remote printer are logged.</td>
</tr>
<tr><td valign="top" width="25.125628140703515%" headers="d0e66 ">*SAVRST</td>
<td valign="top" width="74.87437185929649%" headers="d0e68 ">Restore operations are logged.</td>
</tr>
<tr><td valign="top" width="25.125628140703515%" headers="d0e66 ">*SECCFG</td>
<td valign="top" width="74.87437185929649%" headers="d0e68 ">Security configuration is audited.</td>
</tr>
<tr><td valign="top" width="25.125628140703515%" headers="d0e66 ">*SECDIRSRV</td>
<td valign="top" width="74.87437185929649%" headers="d0e68 ">Changes or updates when doing directory service functions
are audited.</td>
</tr>
<tr><td valign="top" width="25.125628140703515%" headers="d0e66 ">*SECIPC</td>
<td valign="top" width="74.87437185929649%" headers="d0e68 ">Changes to interprocess communications are audited.</td>
</tr>
<tr><td valign="top" width="25.125628140703515%" headers="d0e66 ">*SECNAS</td>
<td valign="top" width="74.87437185929649%" headers="d0e68 ">Network authentication service actions are audited.</td>
</tr>
<tr><td valign="top" width="25.125628140703515%" headers="d0e66 ">*SECRUN</td>
<td valign="top" width="74.87437185929649%" headers="d0e68 ">Security run time functions are audited.</td>
</tr>
<tr><td valign="top" width="25.125628140703515%" headers="d0e66 ">*SECSCKD</td>
<td valign="top" width="74.87437185929649%" headers="d0e68 ">Socket descriptors are audited.</td>
</tr>
<tr><td valign="top" width="25.125628140703515%" headers="d0e66 ">*SECURITY</td>
<td valign="top" width="74.87437185929649%" headers="d0e68 ">Security-related functions are logged. <div class="p">*SECURITY
is composed of several values to allow you to better customize your auditing: <p>*SECCFG<br />
*SECDIRSRV<br />
*SECIPC<br />
*SECNAS<br />
*SECRUN<br />
*SECSCKD<br />
*SECVFY<br />
*SECVLDL</p>
</div>
</td>
</tr>
<tr><td valign="top" width="25.125628140703515%" headers="d0e66 ">*SECVFY</td>
<td valign="top" width="74.87437185929649%" headers="d0e68 ">Use of verification functions are audited.</td>
</tr>
<tr><td valign="top" width="25.125628140703515%" headers="d0e66 ">*SECVLDL</td>
<td valign="top" width="74.87437185929649%" headers="d0e68 ">Changes to validation list objects are audited.</td>
</tr>
<tr><td valign="top" width="25.125628140703515%" headers="d0e66 ">*SERVICE</td>
<td valign="top" width="74.87437185929649%" headers="d0e68 ">Using service tools is logged.</td>
</tr>
<tr><td valign="top" width="25.125628140703515%" headers="d0e66 ">*SPLFDTA</td>
<td valign="top" width="74.87437185929649%" headers="d0e68 ">Actions performed on spooled files are logged.</td>
</tr>
<tr><td valign="top" width="25.125628140703515%" headers="d0e66 ">*SYSMGT</td>
<td valign="top" width="74.87437185929649%" headers="d0e68 ">Use of system management functions is logged.</td>
</tr>
</tbody>
</table>
</div>
<div class="note"><span class="notetitle">Note:</span> This system value is a restricted value. For details on how to restrict
changes to security system values and a list of the restricted system values,
see <span class="q">"Chapter 3: Security System Values"</span> in the <cite>iSeries Security
Reference</cite>. </div>
</div>
<div>
<div class="familylinks">
<div class="parentlink"><strong>Parent topic:</strong> <a href="rzamvauditsysval.htm" title="This topic describes the auditing system values in detail.">Audit system values</a></div>
</div>
</div>
</body>
</html>
Reference in New Issue Copy Permalink