× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.


  1.  Home
  2. MIDRANGE-L
  3. April 2006

Re: Special authority use ... Auditing

Patrick, would audit entry type AF capture this instance (the failure to have 
special authority)?  
Thanks
 
  
 
-----Original Message-----
From: Patrick Botz <botz@xxxxxxxxxx>
To: Midrange Systems Technical Discussion <midrange-l@xxxxxxxxxxxx>
Sent: Fri, 24 Mar 2006 18:51:29 -0600
Subject: RE: Special authority use ... Auditing


Yeah! And it would be even more fun listening to the complaints about all
of the disk space used by the audit journal :-). But since that's not my
job anymore I wouldn't really have to worry about it!

One other thought. Starting in V5R4 I believe, we audit for instances where
a special authority was required but the requestor didn't have it (failure
to have special authority).  You could take away special authority from all
user profiles and select the audit entries.  I guarantee this will help you
find everyone who needs special authority for any reason :-)

Patrick Botz
Senior Technical Staff Member
Rochester CTC, eServer Security Architecture & Consulting
iSeries Security Architect
(507) 253-0917, T/L 553-0917
CTC Fax # 507-253-2070
email: botz@xxxxxxxxxx

For more information on CTC, visit our website at
http://www.ibm.com/eserver/services
http://www.ibm.com/servers/eserver/services


midrange-l-bounces@xxxxxxxxxxxx wrote on 03/24/2006 07:51:10 AM:

> Wow Pat.... That's a lot of work <smile> ... Wouldn't it be nice if an
> entry was deposited to the audit journal every time a function or object
> access was allowed because of Special Authority? A new QAUDLVL system
> value option, *SPCAUT... Hmmmmm .... I like it!

As an Amazon Associate we earn from qualifying purchases.

This thread ...
Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.