Solved

how to display a QSECOFR log ?

Posted on 2007-03-28
4
2,017 Views
Last Modified: 2013-12-06
I want to display a QSECOFR log on AS400
0
Comment
Question by:jimlo1
4 Comments
 
LVL 33

Expert Comment

by:shalomc
ID: 18814747
What do you want to know about the QSECOFR?

Essentially, you need to create the auditing journal, turn auditing on (system values QAUDLVL and QAUDCTL), and define what QSECOFR activities/actions you want to log.

Then, you should decide what level of detail you want to show on your audit reports.
You may have to modify the auditing attributes of QSECOFR to get everything you want, and possibly of other system or application objects.

If you must know what qsecofr did this morning, but auditing is not turned on, then you have a problem.

ShalomC
0
 

Author Comment

by:jimlo1
ID: 18830924
PLease give me procedure ? Thank
0
 
LVL 27

Accepted Solution

by:
tliotta earned 500 total points
ID: 18848016
jimlo1:

It's not totally clear what you want to do. However, assuming that Shalom was on target --

  ==>  crtjrnrcv  somelib/AUDRCV
  ==>  crtjrn        QSYS/QAUDJRN  jrnrcv( somelib/AUDRCV )
  ==>  chgsysval  QAUDCTL  value( *AUDLVL )
  ==>  chgsysval  QAUDLVL  value( *CREATE *DELETE ... )
  ==>  chgusraud QSECOFR  objaud( *ALL )  audlvl( *CREATE *DELETE ... )
  ==>  crtjobd     somelib/SECOFR  log( 4 0 *SECLVL )
  ==>  chgusrprf  QSECOFR  jobd( somelib/SECOFR )

That's a general sequence that you might take.

First, create a journal receiver. It should be in some library that has no more authority than *USE. I suppose many people create it in QSYS. After a receiver is created, create the QAUDJRN journal in QSYS. You'll have to decide what parameters to supply for management; different sites have different policies. Attach the receiver when you create the journal.

Start activating system auditing by pointing the QAUDCTL system value to the QAUDLVL system value. The current value is *NONE if auditing isn't active. Once you change its value to *AUDLVL, the system will begin auditing according to what's listed in the QAUDLVL system value, so set the list there according to what auditing you want the system to do in general. Since this can generate a whole bunch of audit entries, you'll have to decide what to put in the list. The [help] for the system value gives a general idea of what each item does. Keep in mind that this list is for _system wide_ auditing.

With security auditing active, you can set QSECOFR for auditing at the user level. (This is info about just one user profile -- QSECOFR. Repeat this for any profile you want to audit if you don't do it system wide.) Use the OBJAUD() parameter to tell if you want info audited about objects that are handled by QSECOFR. Use the AUDLVL() parameter to tell if you want info audited about actions taken by QSECOFR.

Additional "logging" can be done. For example, you could create a special job description for QSECOFR and set full job logging on with it. Once a job description exists, you would then attach it to QSECOFR with CHGUSRPRF.

Those steps would give you a fair chance at logging QSECOFR activity. Other things can be done, but as I said, it's not clear exactly what you want yet.

Generally, it should result in very few log entries overall because QSECOFR should not be used for anything except at IBM's direction. That shouldn't happen much more then approximately once per quarter if you apply PTFs that often. You would also use QSECOFR to set up initial configurations and authorities on brand new systems. After that, there's no point in risking damage to the profile. A different profile should be made available for any work needing to be done.

Tom
0
 
LVL 2

Expert Comment

by:indmillert
ID: 18882123
If you are simply looking for the equivalent of, for example, the Windows event log that shows you general system activity you can use the DSPLOG command.  Type DSPLOG at the command prompt, press F4 and then fill in the date range that you would like to inspect.   Additionall, you can also use DSPMSG QSYSOPR to display general "System Operator" messages.  
0

Featured Post

Courses: Start Training Online With Pros, Today

Brush up on the basics or master the advanced techniques required to earn essential industry certifications, with Courses. Enroll in a course and start learning today. Training topics range from Android App Dev to the Xen Virtualization Platform.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

As the title indicates, I have done this before. It chills me everytime I update the OS on my phone, (http://www.experts-exchange.com/articles/18084/Upgrading-to-Android-5-0-Lollipop.html) because one time I did this and I essentially had a bricked …
#Citrix #POC #XenDesktop #vCenter #VMware #ESX
This is used to tweak the memory usage for your computer, it is used for servers more so than workstations but just be careful editing registry settings as it may cause irreversible results. I hold no responsibility for anything you do to the regist…
Hi friends,  in this video  I'll show you how new windows 10 user can learn the using of windows 10. Thank you.

785 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question