You can use the i5/OS™ security audit log to record service tools actions.
To enable the i5/OS security audit log to record service tools actions, complete the following steps for each server on which you want to enable the i5/OS security audit log:
- From an iSeries™ Navigator session, select the server name under My Connections (for your environment, you might use your own name for the connections function instead of the default My Connections). Sign on using an ID that has both all object (*ALLOBJ) and all audit (*ALLAUDIT) special authorities.
- Expand Security, select Policies, and double-click Auditing policy.
- Click the System tab. Make sure the following
items are checked (other items might also be checked):
- Activate action auditing
- Security tasks
- Service tasks
- Click OK. These security audit log functions are now available on the iSeries server.
After the security audit log functions have been enabled, the log information will be displayed in the journal receiver. To access the current service tools action entry in the journal receiver, enter the Display Journal (DSPJRN) command, DSPJRN QSYS/QAUDJRN ENTTYP(ST), on an i5/OS command line.
After you have accessed the service tools action entry in the
journal receiver, you can view service tools audit entries for individual
service tools user IDs. These audit entries include actions, such as logging
on to SST or DST, changing a service tools user ID password, and accessing
service tools. For a complete list of the audit entries and related information,
see iSeries Security
Reference
.