174 lines
10 KiB
HTML
174 lines
10 KiB
HTML
|
<?xml version="1.0" encoding="UTF-8"?>
|
|||
|
<!DOCTYPE html
|
|||
|
PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
|
|||
|
<html lang="en-us" xml:lang="en-us">
|
|||
|
<head>
|
|||
|
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
|
|||
|
<meta name="security" content="public" />
|
|||
|
<meta name="Robots" content="index,follow" />
|
|||
|
<meta http-equiv="PICS-Label" content='(PICS-1.1 "http://www.icra.org/ratingsv02.html" l gen true r (cz 1 lz 1 nz 1 oz 1 vz 1) "http://www.rsac.org/ratingsv01.html" l gen true r (n 0 s 0 v 0 l 0) "http://www.classify.org/safesurf/" l gen true r (SS~~000 1))' />
|
|||
|
<meta name="DC.Type" content="concept" />
|
|||
|
<meta name="DC.Title" content="Audit level extension" />
|
|||
|
<meta name="abstract" content="The QAUDLVL2 system value is required when more than sixteen auditing values are needed." />
|
|||
|
<meta name="description" content="The QAUDLVL2 system value is required when more than sixteen auditing values are needed." />
|
|||
|
<meta name="DC.Relation" scheme="URI" content="rzamvauditsysval.htm" />
|
|||
|
<meta name="copyright" content="(C) Copyright IBM Corporation 2006" />
|
|||
|
<meta name="DC.Rights.Owner" content="(C) Copyright IBM Corporation 2006" />
|
|||
|
<meta name="DC.Format" content="XHTML" />
|
|||
|
<meta name="DC.Identifier" content="qaudlvl2" />
|
|||
|
<meta name="DC.Language" content="en-us" />
|
|||
|
<!-- All rights reserved. Licensed Materials Property of IBM -->
|
|||
|
<!-- US Government Users Restricted Rights -->
|
|||
|
<!-- Use, duplication or disclosure restricted by -->
|
|||
|
<!-- GSA ADP Schedule Contract with IBM Corp. -->
|
|||
|
<link rel="stylesheet" type="text/css" href="./ibmdita.css" />
|
|||
|
<link rel="stylesheet" type="text/css" href="./ic.css" />
|
|||
|
<title>Audit level extension</title>
|
|||
|
</head>
|
|||
|
<body id="qaudlvl2"><a name="qaudlvl2"><!-- --></a>
|
|||
|
<!-- Java sync-link --><script language="Javascript" src="../rzahg/synch.js" type="text/javascript"></script>
|
|||
|
<h1 class="topictitle1">Audit level extension</h1>
|
|||
|
<div><p>The QAUDLVL2 system value is required when more than sixteen auditing
|
|||
|
values are needed.</p>
|
|||
|
<ul><li>Name in the character-based interface: <span class="uicontrol">QAUDLVL2</span>.</li>
|
|||
|
<li>Name in the iSeries™ Navigator
|
|||
|
interface: <span class="uicontrol">activate action auditing</span>.</li>
|
|||
|
<li><span class="uicontrol">Description:</span> Specifying *AUDLVL2 as one of the
|
|||
|
values in the QAUDLVL system value will cause the system to also look for
|
|||
|
auditing values in the QAUDLVL2 system value. You can specify more than one
|
|||
|
value for the QAUDLVL2 system value, unless you specify *NONE. For the QAUDLVL2
|
|||
|
system value to take effect, the QAUDCTL system value must include *AUDLVL
|
|||
|
and the QAUDLVL system value must include *AUDLVL2.</li>
|
|||
|
</ul>
|
|||
|
|
|||
|
<div class="tablenoborder"><a name="qaudlvl2__taudlvl2"><!-- --></a><table cellpadding="4" cellspacing="0" summary="" id="qaudlvl2__taudlvl2" width="100%" frame="border" border="1" rules="all"><caption>Table 1. Possible Values for
|
|||
|
the QAUDLVL2 System Value</caption><thead align="left"><tr valign="bottom"><th valign="bottom" width="25.125628140703515%" id="d0e38">Auditing value</th>
|
|||
|
<th valign="bottom" width="74.87437185929649%" id="d0e40">Description</th>
|
|||
|
</tr>
|
|||
|
</thead>
|
|||
|
<tbody><tr><td valign="top" width="25.125628140703515%" headers="d0e38 "><u>*NONE</u></td>
|
|||
|
<td valign="top" width="74.87437185929649%" headers="d0e40 ">No auditing values are contained in this system value.</td>
|
|||
|
</tr>
|
|||
|
<tr><td valign="top" width="25.125628140703515%" headers="d0e38 "><span>*ATNEVT</span></td>
|
|||
|
<td valign="top" width="74.87437185929649%" headers="d0e40 "><span>Conditions that require further evaluation
|
|||
|
to determine the condition’s security significance are audited.</span></td>
|
|||
|
</tr>
|
|||
|
<tr><td valign="top" width="25.125628140703515%" headers="d0e38 ">*AUTFAIL</td>
|
|||
|
<td valign="top" width="74.87437185929649%" headers="d0e40 ">Authority failure events are logged.</td>
|
|||
|
</tr>
|
|||
|
<tr><td valign="top" width="25.125628140703515%" headers="d0e38 ">*CREATE</td>
|
|||
|
<td valign="top" width="74.87437185929649%" headers="d0e40 ">Object create operations are logged.</td>
|
|||
|
</tr>
|
|||
|
<tr><td valign="top" width="25.125628140703515%" headers="d0e38 ">*DELETE</td>
|
|||
|
<td valign="top" width="74.87437185929649%" headers="d0e40 ">Object delete operations are logged.</td>
|
|||
|
</tr>
|
|||
|
<tr><td valign="top" width="25.125628140703515%" headers="d0e38 ">*JOBDTA</td>
|
|||
|
<td valign="top" width="74.87437185929649%" headers="d0e40 ">Actions that affect a job are logged.</td>
|
|||
|
</tr>
|
|||
|
<tr><td valign="top" width="25.125628140703515%" headers="d0e38 ">*NETBAS</td>
|
|||
|
<td valign="top" width="74.87437185929649%" headers="d0e40 ">Network base functions are audited.</td>
|
|||
|
</tr>
|
|||
|
<tr><td valign="top" width="25.125628140703515%" headers="d0e38 ">*NETCLU</td>
|
|||
|
<td valign="top" width="74.87437185929649%" headers="d0e40 ">Cluster and cluster resource group operations are audited.</td>
|
|||
|
</tr>
|
|||
|
<tr><td valign="top" width="25.125628140703515%" headers="d0e38 ">*NETCMN</td>
|
|||
|
<td valign="top" width="74.87437185929649%" headers="d0e40 ">Network and communication functions are audited. <div class="p">*NETCMN
|
|||
|
is composed of several values to allow you to better customize your auditing: <p>*NETBAS<br />
|
|||
|
*NETCLU<br />
|
|||
|
*NETFAIL<br />
|
|||
|
*NETSCK</p>
|
|||
|
</div>
|
|||
|
</td>
|
|||
|
</tr>
|
|||
|
<tr><td valign="top" width="25.125628140703515%" headers="d0e38 ">*NETFAIL</td>
|
|||
|
<td valign="top" width="74.87437185929649%" headers="d0e40 ">Network failures are audited.</td>
|
|||
|
</tr>
|
|||
|
<tr><td valign="top" width="25.125628140703515%" headers="d0e38 ">*NETSCK</td>
|
|||
|
<td valign="top" width="74.87437185929649%" headers="d0e40 ">Socket tasks are audited.</td>
|
|||
|
</tr>
|
|||
|
<tr><td valign="top" width="25.125628140703515%" headers="d0e38 ">*OBJMGT</td>
|
|||
|
<td valign="top" width="74.87437185929649%" headers="d0e40 ">Object move and rename operations are logged.</td>
|
|||
|
</tr>
|
|||
|
<tr><td valign="top" width="25.125628140703515%" headers="d0e38 ">*OFCSRV</td>
|
|||
|
<td valign="top" width="74.87437185929649%" headers="d0e40 ">Changes to the system distribution directory and office
|
|||
|
mail actions are logged.</td>
|
|||
|
</tr>
|
|||
|
<tr><td valign="top" width="25.125628140703515%" headers="d0e38 ">*OPTICAL</td>
|
|||
|
<td valign="top" width="74.87437185929649%" headers="d0e40 ">Use of Optical Volumes is logged.</td>
|
|||
|
</tr>
|
|||
|
<tr><td valign="top" width="25.125628140703515%" headers="d0e38 ">*PGMADP</td>
|
|||
|
<td valign="top" width="74.87437185929649%" headers="d0e40 ">Obtaining authority from a program that adopts authority
|
|||
|
is logged.</td>
|
|||
|
</tr>
|
|||
|
<tr><td valign="top" width="25.125628140703515%" headers="d0e38 ">*PGMFAIL</td>
|
|||
|
<td valign="top" width="74.87437185929649%" headers="d0e40 ">System integrity violations are logged.</td>
|
|||
|
</tr>
|
|||
|
<tr><td valign="top" width="25.125628140703515%" headers="d0e38 ">*PRTDTA</td>
|
|||
|
<td valign="top" width="74.87437185929649%" headers="d0e40 ">Printing a spooled file, sending output directly to
|
|||
|
a printer, and sending output to a remote printer are logged.</td>
|
|||
|
</tr>
|
|||
|
<tr><td valign="top" width="25.125628140703515%" headers="d0e38 ">*SAVRST</td>
|
|||
|
<td valign="top" width="74.87437185929649%" headers="d0e40 ">Restore operations are logged.</td>
|
|||
|
</tr>
|
|||
|
<tr><td valign="top" width="25.125628140703515%" headers="d0e38 ">*SECCFG</td>
|
|||
|
<td valign="top" width="74.87437185929649%" headers="d0e40 ">Security configuration is audited.</td>
|
|||
|
</tr>
|
|||
|
<tr><td valign="top" width="25.125628140703515%" headers="d0e38 ">*SECDIRSRV</td>
|
|||
|
<td valign="top" width="74.87437185929649%" headers="d0e40 ">Changes or updates when doing directory service functions
|
|||
|
are audited.</td>
|
|||
|
</tr>
|
|||
|
<tr><td valign="top" width="25.125628140703515%" headers="d0e38 ">*SECIPC</td>
|
|||
|
<td valign="top" width="74.87437185929649%" headers="d0e40 ">Changes to interprocess communications are audited.</td>
|
|||
|
</tr>
|
|||
|
<tr><td valign="top" width="25.125628140703515%" headers="d0e38 ">*SECNAS</td>
|
|||
|
<td valign="top" width="74.87437185929649%" headers="d0e40 ">Network authentication service actions are audited.</td>
|
|||
|
</tr>
|
|||
|
<tr><td valign="top" width="25.125628140703515%" headers="d0e38 ">*SECRUN</td>
|
|||
|
<td valign="top" width="74.87437185929649%" headers="d0e40 ">Security run time functions are audited.</td>
|
|||
|
</tr>
|
|||
|
<tr><td valign="top" width="25.125628140703515%" headers="d0e38 ">*SECSCKD</td>
|
|||
|
<td valign="top" width="74.87437185929649%" headers="d0e40 ">Socket descriptors are audited.</td>
|
|||
|
</tr>
|
|||
|
<tr><td valign="top" width="25.125628140703515%" headers="d0e38 ">*SECURITY</td>
|
|||
|
<td valign="top" width="74.87437185929649%" headers="d0e40 ">Security-related functions are logged. <div class="p">*SECURITY
|
|||
|
is composed of several values to allow you to better customize your auditing: <p>*SECCFG<br />
|
|||
|
*SECDIRSRV<br />
|
|||
|
*SECIPC<br />
|
|||
|
*SECNAS<br />
|
|||
|
*SECRUN<br />
|
|||
|
*SECSCKD<br />
|
|||
|
*SECVFY<br />
|
|||
|
*SECVLDL</p>
|
|||
|
</div>
|
|||
|
</td>
|
|||
|
</tr>
|
|||
|
<tr><td valign="top" width="25.125628140703515%" headers="d0e38 ">*SECVFY</td>
|
|||
|
<td valign="top" width="74.87437185929649%" headers="d0e40 ">Use of verification functions are audited.</td>
|
|||
|
</tr>
|
|||
|
<tr><td valign="top" width="25.125628140703515%" headers="d0e38 ">*SECVLDL</td>
|
|||
|
<td valign="top" width="74.87437185929649%" headers="d0e40 ">Changes to validation list objects are audited.</td>
|
|||
|
</tr>
|
|||
|
<tr><td valign="top" width="25.125628140703515%" headers="d0e38 ">*SERVICE</td>
|
|||
|
<td valign="top" width="74.87437185929649%" headers="d0e40 ">Using service tools is logged.</td>
|
|||
|
</tr>
|
|||
|
<tr><td valign="top" width="25.125628140703515%" headers="d0e38 ">*SPLFDTA</td>
|
|||
|
<td valign="top" width="74.87437185929649%" headers="d0e40 ">Actions performed on spooled files are logged.</td>
|
|||
|
</tr>
|
|||
|
<tr><td valign="top" width="25.125628140703515%" headers="d0e38 ">*SYSMGT</td>
|
|||
|
<td valign="top" width="74.87437185929649%" headers="d0e40 ">Use of system management functions is logged.</td>
|
|||
|
</tr>
|
|||
|
</tbody>
|
|||
|
</table>
|
|||
|
</div>
|
|||
|
<div class="note"><span class="notetitle">Note:</span> This system value is a restricted value. For details on how to restrict
|
|||
|
changes to security system values and a list of the restricted system values,
|
|||
|
see <span class="q">"Chapter 3: Security System Values"</span> in the <cite>iSeries Security
|
|||
|
Reference</cite>.</div>
|
|||
|
</div>
|
|||
|
<div>
|
|||
|
<div class="familylinks">
|
|||
|
<div class="parentlink"><strong>Parent topic:</strong> <a href="rzamvauditsysval.htm" title="This topic describes the auditing system values in detail.">Audit system values</a></div>
|
|||
|
</div>
|
|||
|
</div>
|
|||
|
</body>
|
|||
|
</html>
|