ibm-information-center/dist/eclipse/plugins/i5OS.ic.cl_5.4.0.1/chgusraud.htm

  <!doctype html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
  <html>
<head><META http-equiv="Content-Type" content="text/html; charset=utf-8">
<title>Change User Auditing  (CHGUSRAUD)</title>
<link rel="stylesheet" type="text/css" href="../rzahg/ic.css">
</head>
<body bgcolor="white">
<script language="Javascript" src="../rzahg/synch.js" type="text/javascript"></script>
<a name="CHGUSRAUD.Top_Of_Page"></a>
<h2>Change User Auditing  (CHGUSRAUD)</h2>
<table width="100%">
<tr>
<td valign="top" align="left"><b>Where allowed to run:  </b>All environments (*ALL)<br>
<b>Threadsafe:  </b>No
</td>
<td valign="top" align="right">
<a href="#CHGUSRAUD.PARAMETERS.TABLE">Parameters</a><br>
<a href="#CHGUSRAUD.COMMAND.EXAMPLES">Examples</a><br>
<a href="#CHGUSRAUD.ERROR.MESSAGES">Error messages</a></td>
</tr>
</table>

<div> <a name="CHGUSRAUD"></a>
<p>The CHGUSRAUD (Change User Audit) command allows a user with audit (*AUDIT) special authority to set up or change auditing for a user.  The system value QAUDCTL controls turning auditing on and off.  The auditing attributes of a user profile can be displayed with the Display User Profile (DSPUSRPRF) command.
</p>
<p>
<b>Note:     </b>The changes made by CHGUSRAUD take effect the next time a job is started for this user.
</p>
</div>
<table width="100%">
<tr><td align="right"><a href="#CHGUSRAUD.Top_Of_Page">Top</a></td></tr>
</table>
<hr size="2" width="100%">

<div>
<h3><a name="CHGUSRAUD.PARAMETERS.TABLE">Parameters</a></h3>
<table border="1" cellpadding="4" cellspacing="0">
<!-- col1="10" col2="15" col3="30" col4="10" -->
<tr>
<th bgcolor="aqua" valign="bottom" align="left">Keyword</th>
<th bgcolor="aqua" valign="bottom" align="left">Description</th>
<th bgcolor="aqua" valign="bottom" align="left">Choices</th>
<th bgcolor="aqua" valign="bottom" align="left">Notes</th>
</tr>
<tr>
<td valign="top"><a href="#CHGUSRAUD.USRPRF"><b>USRPRF</b></a></td>
<td valign="top">User profile</td>
<td valign="top">Values (up to 50 repetitions): <i>Simple name</i></td>
<td valign="top">Required, Positional 1</td>
</tr>
<tr>
<td valign="top"><a href="#CHGUSRAUD.OBJAUD"><b>OBJAUD</b></a></td>
<td valign="top">Object auditing value</td>
<td valign="top"><b><u>*SAME</u></b>, *NONE, *CHANGE, *ALL</td>
<td valign="top">Optional, Positional 2</td>
</tr>
<tr>
<td valign="top"><a href="#CHGUSRAUD.AUDLVL"><b>AUDLVL</b></a></td>
<td valign="top">User action auditing</td>
<td valign="top">Single values: <b><u>*SAME</u></b>, *NONE<br>Other values (up to 13 repetitions): *CMD, *CREATE, *DELETE, *JOBDTA, *OBJMGT, *OFCSRV, *OPTICAL, *PGMADP, *SAVRST, *SECURITY, *SERVICE, *SPLFDTA, *SYSMGT</td>
<td valign="top">Optional, Positional 3</td>
</tr>
</table>

<table width="100%">
<tr><td align="right"><a href="#CHGUSRAUD.Top_Of_Page">Top</a></td></tr>
</table>
</div>
<div> <a name="CHGUSRAUD.USRPRF"></a>
<h3>User profile (USRPRF)</h3>
<p>Specifies one or more user profiles whose auditing values are to be changed.  A maximum of 50 user names can be specified.
</p>
<p>This is a required parameter.
</p>
</div>
<table width="100%">
<tr><td align="right"><a href="#CHGUSRAUD.Top_Of_Page">Top</a></td></tr>
</table>
<div> <a name="CHGUSRAUD.OBJAUD"></a>
<h3>Object auditing value (OBJAUD)</h3>
<p>Specifies the object auditing value for the user.  This value only takes effect if the object auditing (OBJAUD) value for the object to be accessed has the value *USRPRF.
</p>
<dl>
<dt><b><u>*SAME</u></b></dt>
<dd>The value does not change.
</dd>
<dt><b>*NONE</b></dt>
<dd>The auditing value for the object determines when auditing is performed.
</dd>
<dt><b>*CHANGE</b></dt>
<dd>All change accesses by this user on all objects with the *USRPRF audit value are logged.
</dd>
<dt><b>*ALL</b></dt>
<dd>All change and read accesses by this user on all objects with the *USRPRF audit value are logged.
</dd>
</dl>
</div>
<table width="100%">
<tr><td align="right"><a href="#CHGUSRAUD.Top_Of_Page">Top</a></td></tr>
</table>
<div> <a name="CHGUSRAUD.AUDLVL"></a>
<h3>User action auditing (AUDLVL)</h3>
<p>Specifies the level of activity that is audited for this user profile.
</p>
<p>
<b>Note:     </b>The system values QAUDLVL and QAUDLVL2 are used in conjunction with this parameter.  For example, if QAUDLVL is set to *DELETE and AUDLVL is set to *CREATE, then both *DELETE and *CREATE would be audited for this user.  The default value for the QAUDLVL and QAUDLVL2 system values is *NONE.
</p>
<p><b>Single values</b>
</p>
<dl>
<dt><b><u>*SAME</u></b></dt>
<dd>The value does not change.
</dd>
<dt><b>*NONE</b></dt>
<dd>No auditing level is specified.  The auditing level for this user is taken from system values QAUDLVL and QAUDLVL2.
</dd>
</dl>
<p><b>Other values (up to 13 repetitions)</b>
</p>
<dl>
<dt><b>*CMD</b></dt>
<dd>CL command strings, System/36 environment operator control commands, and System/36 environment procedures are logged for this user.
</dd>
<dt><b>*CREATE</b></dt>
<dd>Auditing entries are sent when objects are created by this user.
</dd>
<dt><b>*DELETE</b></dt>
<dd>Auditing entries are sent when objects are deleted by this user.
</dd>
<dt><b>*JOBDTA</b></dt>
<dd>The following actions taken by this user that affect a job are audited:
<ul>
<li>Job start and stop data
</li>
<li>Hold, release, stop, continue, change, disconnect, end, end abnormal
</li>
<li>Program start request (PSR) is attached to a prestart job
</li>
</ul>
</dd>
<dt><b>*OBJMGT</b></dt>
<dd>Object management changes made by this user, such as move or rename, are audited.
</dd>
<dt><b>*OFCSRV</b></dt>
<dd>Office services changes made by this user, such as changes to the system directory and use of OfficeVision mail, are audited.
</dd>
<dt><b>*OPTICAL</b></dt>
<dd>The following optical functions are audited:
<ul>
<li>Add or remove optical cartridge
</li>
<li>Change the authorization list used to secure an optical volume
</li>
<li>Open optical file or directory
</li>
<li>Create or delete optical directory
</li>
<li>Change or retrieve optical directory attributes
</li>
<li>Copy, move, or rename optical file
</li>
<li>Copy optical directory
</li>
<li>Back up optical volume
</li>
<li>Initialize or rename optical volume
</li>
<li>Convert backup optical volume to a primary volume
</li>
<li>Save or release held optical file
</li>
<li>Absolute read of an optical volume
</li>
</ul>
</dd>
<dt><b>*PGMADP</b></dt>
<dd>Authority obtained through program adoption is audited for this user.
</dd>
<dt><b>*SAVRST</b></dt>
<dd>Save and restore actions performed by this user are audited.
</dd>
<dt><b>*SECURITY</b></dt>
<dd>Security changes made by this user are audited.
</dd>
<dt><b>*SERVICE</b></dt>
<dd>Use of the system service tools by this user is audited.
</dd>
<dt><b>*SPLFDTA</b></dt>
<dd>Spooled file operations made by this user are audited.
</dd>
<dt><b>*SYSMGT</b></dt>
<dd>Use of system management functions by this user is audited.
</dd>
</dl>
</div>
<table width="100%">
<tr><td align="right"><a href="#CHGUSRAUD.Top_Of_Page">Top</a></td></tr>
</table>
<hr size="2" width="100%">
<div><h3><a name="CHGUSRAUD.COMMAND.EXAMPLES">Examples</a> </h3>
<p>
<pre>
CHGUSRAUD   USRPRF(FRED)  OBJAUD(*CHANGE)
            AUDLVL(*CREATE *DELETE)
</pre>
</p>
<p>This command changes the auditing value in the user profile of the user FRED. All objects whose object auditing value is *USRPRF are audited when they are changed by user FRED. All objects that are created and all objects that are deleted will be audited for user FRED. Auditing records are sent to the auditing journal QAUDJRN in QSYS.
</p>
</div>
<table width="100%">
<tr><td align="right"><a href="#CHGUSRAUD.Top_Of_Page">Top</a></td></tr>
</table>
<hr size="2" width="100%">
<div><h3><a name="CHGUSRAUD.ERROR.MESSAGES">Error messages</a> </h3>
<p><b><u>*ESCAPE Messages</u></b>
</p>
<dl>
<dt><b>CPF22B0</b></dt>
<dd>Not authorized to change the auditing value.
</dd>
<dt><b>CPF22CC</b></dt>
<dd>Auditing value not changed for some user profiles.
</dd>
</dl>
</div>
<table width="100%">
<tr><td align="right"><a href="#CHGUSRAUD.Top_Of_Page">Top</a></td></tr>
</table>
</body>
</html>