76 lines
4.6 KiB
HTML
76 lines
4.6 KiB
HTML
<?xml version="1.0" encoding="UTF-8"?>
|
|
<!DOCTYPE html
|
|
PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
|
|
<html lang="en-us" xml:lang="en-us">
|
|
<head>
|
|
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
|
|
<meta name="security" content="public" />
|
|
<meta name="Robots" content="index,follow" />
|
|
<meta http-equiv="PICS-Label" content='(PICS-1.1 "http://www.icra.org/ratingsv02.html" l gen true r (cz 1 lz 1 nz 1 oz 1 vz 1) "http://www.rsac.org/ratingsv01.html" l gen true r (n 0 s 0 v 0 l 0) "http://www.classify.org/safesurf/" l gen true r (SS~~000 1))' />
|
|
<meta name="DC.Type" content="task" />
|
|
<meta name="DC.Title" content="Monitor service tools use through i5/OS security audit log" />
|
|
<meta name="abstract" content="You can use the i5/OS security audit log to record service tools actions." />
|
|
<meta name="description" content="You can use the i5/OS security audit log to record service tools actions." />
|
|
<meta name="DC.Relation" scheme="URI" content="rzamhmonitor.htm" />
|
|
<meta name="copyright" content="(C) Copyright IBM Corporation 2003, 2006" />
|
|
<meta name="DC.Rights.Owner" content="(C) Copyright IBM Corporation 2003, 2006" />
|
|
<meta name="DC.Format" content="XHTML" />
|
|
<meta name="DC.Identifier" content="rzamhmonitorsecurity" />
|
|
<meta name="DC.Language" content="en-us" />
|
|
<!-- All rights reserved. Licensed Materials Property of IBM -->
|
|
<!-- US Government Users Restricted Rights -->
|
|
<!-- Use, duplication or disclosure restricted by -->
|
|
<!-- GSA ADP Schedule Contract with IBM Corp. -->
|
|
<link rel="stylesheet" type="text/css" href="./ibmdita.css" />
|
|
<link rel="stylesheet" type="text/css" href="./ic.css" />
|
|
<title>Monitor service tools use through i5/OS security
|
|
audit log</title>
|
|
</head>
|
|
<body id="rzamhmonitorsecurity"><a name="rzamhmonitorsecurity"><!-- --></a>
|
|
<!-- Java sync-link --><script language="Javascript" src="../rzahg/synch.js" type="text/javascript"></script>
|
|
<h1 class="topictitle1">Monitor service tools use through <span class="keyword">i5/OS</span> security
|
|
audit log</h1>
|
|
<div><p>You can use the <span class="keyword">i5/OS™</span> security
|
|
audit log to record service tools actions.</p>
|
|
<div class="section"><p>To enable the <span class="keyword">i5/OS</span> security
|
|
audit log to record service tools actions, complete the following steps for
|
|
each server on which you want to enable the <span class="keyword">i5/OS</span> security
|
|
audit log:</p>
|
|
</div>
|
|
<ol><li><span>From an iSeries™ Navigator session, select the server name
|
|
under <span class="uicontrol">My Connections</span> (for your environment, you might
|
|
use your own name for the connections function instead of the default <span class="uicontrol">My
|
|
Connections</span>). Sign on using an ID that has both all object (*ALLOBJ)
|
|
and all audit (*ALLAUDIT) special authorities.</span></li>
|
|
<li><span>Expand <span class="uicontrol">Security</span>, select <span class="uicontrol">Policies</span>,
|
|
and double-click <span class="uicontrol">Auditing policy</span>.</span></li>
|
|
<li><span>Click the <span class="uicontrol">System</span> tab. Make sure the following
|
|
items are checked (other items might also be checked): </span><ul><li>Activate action auditing</li>
|
|
<li>Security tasks</li>
|
|
<li>Service tasks</li>
|
|
</ul>
|
|
</li>
|
|
<li><span>Click <span class="uicontrol">OK</span>. These security audit log functions
|
|
are now available on the iSeries server.</span></li>
|
|
</ol>
|
|
<div class="section"><p>After the security audit log functions have been enabled, the log
|
|
information will be displayed in the journal receiver. To access the current
|
|
service tools action entry in the journal receiver, enter the Display Journal
|
|
(DSPJRN) command, DSPJRN QSYS/QAUDJRN ENTTYP(ST), on an <span class="keyword">i5/OS</span> command
|
|
line.</p>
|
|
<p>After you have accessed the service tools action entry in the
|
|
journal receiver, you can view service tools audit entries for individual
|
|
service tools user IDs. These audit entries include actions, such as logging
|
|
on to SST or DST, changing a service tools user ID password, and accessing
|
|
service tools. For a complete list of the audit entries and related information,
|
|
see <a href="../books/sc415302.pdf" target="_blank">iSeries Security
|
|
Reference</a><img src="wbpdf.gif" alt="Link to PDF" />.</p>
|
|
</div>
|
|
</div>
|
|
<div>
|
|
<div class="familylinks">
|
|
<div class="parentlink"><strong>Parent topic:</strong> <a href="rzamhmonitor.htm" title="You can monitor the use of service functions through DST, and you can monitor service tools use through the security audit log. These logs can help you trace unusual access patterns or other potential security risks.">Monitor service function use</a></div>
|
|
</div>
|
|
</div>
|
|
</body>
|
|
</html> |