|
> From: sallen@fellowes.com (Allen, Stu) > > I have a requirement to audit particular OS400 commands - across all users. > > Is there any simple way to do this? > I know i can audit every command that a user enters, but within our ERP > system (JBA) this picks up loads of commands run by the JBA programs > themselves. Plus this would mean an audit journal for every command that > every user enters - i neither need nor want that level of detail. > > Any ideas? > > Regards, > Stuart > > Stuart Allen > European Systems Analyst, Fellowes > mailto:sallen@fellowes.com We are on BPCS which is a similar deal ... if you do WRKACTJOB or whatever what you see is the BPCSMENU program into which tons of things are nested ... you can dig down into the stack & see the actual program the user is running, but it is messy & not easy for end users to work with & also there are security issues letting end users into this kind of stuff. http://www.precosis.com.au/piu1.htm is shareware of PROGRAMS IN USE that solves this problem ... it puts data into the old S/36 format similar to the ASNA upgrade where in a single command you could get a chart of user names & what programs they running in which the names of the programs are those that are familiar to the end users ... really great when some operation needs to be done with no one else updating the same kind of files, but SNDMSG (we use the API that sends same message to a cluster of users ... the GO ASSIST one moved to end user menus) does not cut it when people have walked away from their work station in the middle of an update. And of course someone who knows CL can embed a command line command into a user menu. I have told BPCS-L about this several times ... someone else might like to tell JBAUSERS-L & MAPICS-L. & OPENERP400. http://www.precosis.com.au/rv1.htm REMOTE VIEW is an improved version of PROGRAMS IN USE for MIS ... often when we need to shut down for backup or other dedicated tasks, there are folks who went home for the evening leaving their sessions signed on in the middle of some program in which cancelling their work is not in the best interests of the data base integrity, but what can you do ... well you can get this share ware & transmit F3 F12 to the program so as to gracefully exit it. This is a brand new variant that BPCS-L does not yet know about & I dare say other ERP groups with similar interests. I do not have either of these products yet at Central but they are on my wish list because I recognize their value. Several years ago, I had a requirement to do auditing of who was updating or accessing certain key files that management considered to be extremely confidential and critical & I used security settings to accomplish this ... there was a way on the old S/36 to log all hits on files of our choice & this went to a file from which there was a report for management listing who accessed the file when using what program or DFU or operating system command & of course it was 99.999 % users through legitimate programs doing their regular work & the 0.001 % violators that management really needed to see were totally buried in the mass of data. If I was going to be doing that today, I now know enough to substring exclude on the basis of legitimate programs & summary total user names by day or other criteria, but I have not studied OS/400 security from the perspective of doing this kind of thing. You might also look at the JBA architecture to see if there is a logical hook where it might be possible to do a one place modification to capture this info. In BPCS when a user takes a program option from BPCSMENU it goes through a security program to find out if this person is authorized to run ORD500 or INV900 or BOM200 or whatever the program is ... a person on BPCS could modify the security program to send a piece of data to a history file ... name of person name of BPCS program ... of course JBA might not have any comparable hook & this kind of thinking does not catch the folks who are doing things inside the library list but outside the package from the command line & we have added to our BPCS package with menu options that do not go through the security ... for reasons of implementation productivity ... I can add a new query report in 10 minutes if I skip all the standard frills. I recognize that these tools & ideas are not precisely what you are looking for, but perhaps they will start you down the path & may be worth considering on their own merits. Al Macintyre ©¿© MIS Manager Programmer & Computer Janitor of BPCS 405 CD Rel-02 running on AS/400 V4R3 http://www.cen-elec.com Central Industries of Indiana--->Quality manufacturer of wire harnesses and electrical sub-assemblies Y2K is not the end of my universe, but a re-boot of that old Chinese curse. The road to success is always under construction. Accept that some days you are the pigeon and some days the statue. Murphy's Mom brought wrong baby home from hospital so it should be Kelly's Law. When in doubt, read the documentation, assuming you can find it. +--- | This is the Midrange System Mailing List! | To submit a new message, send your mail to MIDRANGE-L@midrange.com. | To subscribe to this list send email to MIDRANGE-L-SUB@midrange.com. | To unsubscribe from this list send email to MIDRANGE-L-UNSUB@midrange.com. | Questions should be directed to the list owner/operator: david@midrange.com +---
As an Amazon Associate we earn from qualifying purchases.
This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].
Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.