We have C# running on Microsoft IIS handling our web services. They have found they are vulnerable to SQL injection attacks. They are working on programming their sites to not allow it, but we would like to have a belt and suspenders approach.
The files are journaled, but they really want to capture the entire SQL string if possible. I will look into the QIBM_QZDA_SQL1 and database monitoring.
Thanks for the suggestions.