Object Auditing in AS400
Hi,
We want to AUDIT the OBJECTS (not only the physical files) that have been created, deleted, modified in our system.
How can we do that?
For this how much disk space it may be needed.
What are the advantages & disadvantages of doing so.
Can any one please help us.
Thanking You
We want to AUDIT the OBJECTS (not only the physical files) that have been created, deleted, modified in our system.
How can we do that?
For this how much disk space it may be needed.
What are the advantages & disadvantages of doing so.
Can any one please help us.
Thanking You
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
The advantages and disadvantages are two sides of the same coin: when you enable auditing you get an audit trail at the expense of some system resources. If you disable auditing you save some system resources at the expense of an audit trail.
You may enable or disable auditing (provided you have adequate rights, of course) at any time.
I don't know if it will create any problems for you, since I don't know how much disk space you have free, how much auditing information you will generate in a given period, what applications run on your system, how much average CPU utilization you have, how many CPUs you have, how much disk arm utilization you have, and other variables.
In general, if you have a lightly-utilized machine, auditing impact is generally light. If you are already experiencing performance problems, enabling auditing will certainly increase disk arm and disk space utilization somewhat, but how much is entirely dependent on the amount and types of work your specific system performs
Hope that helps.
- Gary Patterson
You may enable or disable auditing (provided you have adequate rights, of course) at any time.
I don't know if it will create any problems for you, since I don't know how much disk space you have free, how much auditing information you will generate in a given period, what applications run on your system, how much average CPU utilization you have, how many CPUs you have, how much disk arm utilization you have, and other variables.
In general, if you have a lightly-utilized machine, auditing impact is generally light. If you are already experiencing performance problems, enabling auditing will certainly increase disk arm and disk space utilization somewhat, but how much is entirely dependent on the amount and types of work your specific system performs
Hope that helps.
- Gary Patterson
Just to clarify: changes to auditing settings take place immediately. An IPL is not required.
- Gary Patterson
- Gary Patterson
ASKER
Dear Gary,
After enabling the system values & checking for one day, if we want to disable those system values can we get back the disk space occupied while auditing during that day?
While auditing process is going on will it create any objects by its own so that those objects will occupy disk space & even after disabling the system values also we cannot get back the occupied disk space. Is there any problem like this.
As you told that the changes to auditing settings will take place immediately, can you tell us how to disable those settings again.
Please tell us in this also.
Thankyou.
After enabling the system values & checking for one day, if we want to disable those system values can we get back the disk space occupied while auditing during that day?
While auditing process is going on will it create any objects by its own so that those objects will occupy disk space & even after disabling the system values also we cannot get back the occupied disk space. Is there any problem like this.
As you told that the changes to auditing settings will take place immediately, can you tell us how to disable those settings again.
Please tell us in this also.
Thankyou.
Sure. The auditing data is stored in journal receiver objects. These journal receiver objects need to be managed. You can get the disk space back by deleting the journal receivers.
As you might expect, you alter or turn off auditing using the same system values, user profile settings, and object settings you use to turn it on.
Before we go any further, may I suggest that you read the few pages in the Security Reference that covers just about everything you need to know about turning on auditing, auditing-related objects, and disabling auditing is right here:
http://publib.boulder.ibm.com/iseries/v5r1/ic2924/books/c415302515.htm
Regards,
- Gary Patterson
As you might expect, you alter or turn off auditing using the same system values, user profile settings, and object settings you use to turn it on.
Before we go any further, may I suggest that you read the few pages in the Security Reference that covers just about everything you need to know about turning on auditing, auditing-related objects, and disabling auditing is right here:
http://publib.boulder.ibm.com/iseries/v5r1/ic2924/books/c415302515.htm
Regards,
- Gary Patterson
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
You gave some abilities as advantages & the same as inabilities in disadvantages.
I didn't got what does it means. Can you please explain that?
After enabling the system values again can we disable those system values?
Will it create any problem for us?
Thankyou.