Command and configuration events

With Advanced Message Security, we can generate command and configuration event messages, which can be logged and serve as a record of policy changes for auditing.

Command and configuration events generated by IBM MQ are messages of the PCF format sent to dedicated queues on the queue manager where the event occurs.

Configuration events messages are sent to the SYSTEM.ADMIN.CONFIG.EVENT queue.

Command events messages are sent to the SYSTEM.ADMIN.COMMAND.EVENT queue.

Events are generated regardless of tools we are using to manage Advanced Message Security security policies.

In Advanced Message Security, there are four types of events generated by different actions on security policies:

• Create security policies in AMS, which generate two IBM MQ event messages:
  • A configuration event
  • A command event

• Change security policies in AMS, which generates three IBM MQ event messages:
  • A configuration event that contains old security policy values
  • A configuration event that contains new security policy values
  • A command event

• Display and dumping security policies in AMS, which generates one IBM MQ event message:
  • A command event

• Removing security policies in AMS, which generates two IBM MQ event messages:
  • A configuration event
  • A command event

• Enable and disabling event logging
  You control command and configuration events by using the queue manager attributes CONFIGEV and CMDEV. To enable these events, set the appropriate queue manager attribute to ENABLED. To disable these events, set the appropriate queue manager attribute to DISABLED.
• Command event message format
  Command event message consists of MQCFH structure and PCF parameters following it.
• Configuration event message format
  Configuration events are PCF messages of standard Advanced Message Security format.

Parent topic: Administer Advanced Message Security security polices