Audit level extension

The QAUDLVL2 system value is required when more than sixteen auditing values are needed.

Name in the character-based interface: QAUDLVL2.
Name in the iSeries™ Navigator interface: activate action auditing.
Description: Specifying *AUDLVL2 as one of the values in the QAUDLVL system value will cause the system to also look for auditing values in the QAUDLVL2 system value. You can specify more than one value for the QAUDLVL2 system value, unless you specify *NONE. For the QAUDLVL2 system value to take effect, the QAUDCTL system value must include *AUDLVL and the QAUDLVL system value must include *AUDLVL2.

Table 1. Possible Values for the QAUDLVL2 System Value
Auditing value	Description
*NONE	No auditing values are contained in this system value.
*ATNEVT	Conditions that require further evaluation to determine the condition’s security significance are audited.
*AUTFAIL	Authority failure events are logged.
*CREATE	Object create operations are logged.
*DELETE	Object delete operations are logged.
*JOBDTA	Actions that affect a job are logged.
*NETBAS	Network base functions are audited.
*NETCLU	Cluster and cluster resource group operations are audited.
*NETCMN	Network and communication functions are audited. NETCMN is composed of several values to allow you to better customize your auditing: NETBAS NETCLU NETFAIL *NETSCK
*NETFAIL	Network failures are audited.
*NETSCK	Socket tasks are audited.
*OBJMGT	Object move and rename operations are logged.
*OFCSRV	Changes to the system distribution directory and office mail actions are logged.
*OPTICAL	Use of Optical Volumes is logged.
*PGMADP	Obtaining authority from a program that adopts authority is logged.
*PGMFAIL	System integrity violations are logged.
*PRTDTA	Printing a spooled file, sending output directly to a printer, and sending output to a remote printer are logged.
*SAVRST	Restore operations are logged.
*SECCFG	Security configuration is audited.
*SECDIRSRV	Changes or updates when doing directory service functions are audited.
*SECIPC	Changes to interprocess communications are audited.
*SECNAS	Network authentication service actions are audited.
*SECRUN	Security run time functions are audited.
*SECSCKD	Socket descriptors are audited.
*SECURITY	Security-related functions are logged. SECURITY is composed of several values to allow you to better customize your auditing: SECCFG SECDIRSRV SECIPC SECNAS SECRUN SECSCKD SECVFY *SECVLDL
*SECVFY	Use of verification functions are audited.
*SECVLDL	Changes to validation list objects are audited.
*SERVICE	Using service tools is logged.
*SPLFDTA	Actions performed on spooled files are logged.
*SYSMGT	Use of system management functions is logged.

Note: This system value is a restricted value. For details on how to restrict changes to security system values and a list of the restricted system values, see "Chapter 3: Security System Values" in the iSeries Security Reference.