Auditing the relational database directory

 

This topic discusses how to audit program access to the relational database directories.

Accesses to the relational database directory are recorded in the security auditing journal when either one of the items listed here is true.

By using the *SYSMGT value, the system audits all accesses that were made with the following commands:

The relational database directory is a database file (QSYS/QADBXRDBD) that can be read directly without the directory entry commands.

Prior to V5R2, relational database (RDB) directory file QADBXRDBD in library QSYS was built with operational authority granted to *PUBLIC. Beginning in V5R2, that's no longer the case. Therefore, existing programs that access the RDB directory using this file might no longer run correctly. Unless you have *ALLOBJ special authority, you will have to access the logical file named QADBXRMTNM, which is built over QADBXRDBD. To audit direct accesses to this file, set auditing on with the Change Object Auditing (CHGOBJAUD) command.

 

Parent topic:

Administration

 

Related reference


Add Relational Database Directory Entry (ADDRDBDIRE) command
Display Relational Database Directory Entry (DSPRDBDIRE) command
Change Relational Database Directory Entry (CHGRDBDIRE) command
Remove Relational Database Directory Entry (RMVRDBDIRE) command
Work with Relational Database Directory Entry (WRKRDBDIRE) command
Change Object Auditing (CHGOBJAUD) command