(Business processes) Audit user security

Process: Audit user security

Flow

Legend

Objective

To allow an administrator to monitor recorded events which may indicate an intrusion attempt.

Description

The administrator can monitor the system to detect patterns of failed logon, or attempts to access pages for which they do not have access. If a pattern is detected, then this information can be used as a starting point for a more detailed investigation.

Features

Failed logon attempts, and attempts to access pages for which the user does not have authority are captured in the security audit log databases.

Edition

Professional, Enterprise

Tasks

Task Description Role

Monitor AC log table
The administrator can monitor the ACCLOGMAIN and ACCLOGCUB tables for patterms of access violations.
Site Administrator

Notify security administrator (external)
If a pattern of violations is detected, the security administrator can be notified and action taken.
Site Administrator

Feedback

(C) Copyright IBM Corporation 1996, 2006. All Rights Reserved.

Task	Description	Role
Monitor AC log table	The administrator can monitor the ACCLOGMAIN and ACCLOGCUB tables for patterms of access violations.	Site Administrator
Notify security administrator (external)	If a pattern of violations is detected, the security administrator can be notified and action taken.	Site Administrator