• Subject: Re: of job logs, auditing and such ...
  • From: "Ken Sims at SWS Nevada" <ken.sws@xxxxxxxxx>
  • Date: Mon, 27 Sep 1999 12:59:12 -0700

Hi Bob -

>Date: Mon, 27 Sep 99 13:19:00 -0400
>From: Bob Clarke           3rd x4502 <clarke@teri.org>
>Subject: of job logs, auditing and such ...

First, could you PLEASE turn off the MIME encoding of your messages.
I won't reproduce what the MIME encoded part of your messages look
like, but it's long and ugly.

>I need help understanding an AS/400 concept that I have not previously   
>been exposed to, but is now wreaking havoc on my work day.  My question   
>is:  To what level of detail is 'job logging' available, and what   
>controls the existence and/or level of logging?  Recently we have had a   

The LOG value on the job description (which can be overriden for a batch
job on the SBMJOB command, and changed in any job by CHGJOB) sets the
detail of logging, and for batch jobs that end normally, determines
whether a job log is produced and whether it includes second level text.

>Ultimately I'd like to have the ability to look back for   
>any given day and see what any user did on that day, right down to   
>keystrokes if possible.  I'd settle though for at least having a record   
>of what jobs they ran, be it by command line or menu option.  Can anyone   
>help me to better understand this?  Or can someone point me to   
>appropriate documentation?  Any help would be most appreciated.  Thanks   
>in advance!

There isn't a way from the operating system to record keystrokes, however
system auditing can record all sorts of things, and unlike a job log, it
can't just be deleted.

Among other things, you can audit the starting and ending of jobs, and
also the execution of each command within a job (this can get quite large).
Audit levels can be setup globally through system values, but you can also
turn on additional auditing for individual users.  There also is object
level auditing, but it doesn't sound like you need that.

Bear in mind that a whole interactive session is one job.  If you want to
see what commands were run in an interactive session, you will need command
auditing.

Do wrksysval qaud* and you will see the system values for auditing.  On
V3R7 there are four.  Once you have created the journal receivers and
journal (the audit entries are stored in journal receivers), I recommend
that QAUDCTL be changed to *NOQTEMP and *AUDLVL, that QAUDENDACN be set
to *NOTIFY, and that QAUDFRCLVL be set to *SYS.  What you put in QAUDLVL
will depend on what you want to audit and whether you want to audit it
for everyone or just for specific users.  Look at the help behind these
system values and the help on the CHGUSRAUD command.  This will get you
pointed in the right direction.

Ken
Southern Wine & Spirits of Nevada, Inc.


+---
| This is the Midrange System Mailing List!
| To submit a new message, send your mail to MIDRANGE-L@midrange.com.
| To subscribe to this list send email to MIDRANGE-L-SUB@midrange.com.
| To unsubscribe from this list send email to MIDRANGE-L-UNSUB@midrange.com.
| Questions should be directed to the list owner/operator: david@midrange.com
+---

As an Amazon Associate we earn from qualifying purchases.

This thread ...


Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.