On 06-Dec-2013 13:04 -0800, Graap, Kenneth wrote:
Auditing actions (ZC ZR audit entries for example) is a function of
QAUDLVL and the AUDLVL setting on the User Profile... <<SNIP>>
The ZC and ZR are "object auditing" vs "action auditing". The Audit
Level controls action auditing; there are seemingly object-specific
tracking there however, most notably the three special values:
*CREATE *DELETE *OBJMGT
" _Planning the auditing of object access_
The i5/OS operating system provides the ability to log accesses to an
object in the security audit journal by using system values and the
object auditing values for users and objects. This is called object
The QAUDCTL system value, the OBJAUD value for an object, and the OBJAUD
value for a user profile work together to control object auditing. The
OBJAUD value for the object and the OBJAUD value for the user who is
using the object determine whether a specific access should be logged.
The QAUDCTL system value starts and stops the object auditing function.
" _Planning the auditing of actions_
The QAUDCTL (audit control) system value, the QAUDLVL (audit level)
system value, the QAUDLVL2 (audit level extension) system value, and the
AUDLVL (action auditing) parameter in user profiles work together to
control action auditing.