Question & Answer
Question
Does InfoSphere Guardium support negative SQLCODE activity for DB2 for z/OS? For example: On DB2 for z/OS, you executed "select * from NONEXISTTABLE". However this activity was not captured by Guardium.
Answer
Most negative SQLCODE activity will NOT be collected by the DB2 z/OS S-TAP by design. This is true of most SQL access activity (SELECT/INSERT/UPDATE/DELETE). Exceptions to this are events captured as a result of "Command" activity (Failed authorization access attempts, for instance).
Note that the 'Audit data source and collection types' section of the 9.1 User Guide contains a table of what may be collected by S-TAP. While it does not explicitly state that unsuccessful READs and CHANGEs will not be collected, it does say that READs and CHANGEs will be collected. Unsuccessful reads and changes will not be collected unless they are the result of an authorization failure (in which case they would be collected under the AUTHORIZATION (IFI) section).
Please refer to the following link for 'Audit data source and collection types' section of InfoSphere Guardium 9.1 Knowledge Center
http://www.ibm.com/support/knowledgecenter/SSMPHH_9.1.0/com.ibm.guardium91.doc/ADHV9.1/DITA/adhur402.html
Was this topic helpful?
Document Information
Modified date:
08 November 2018
UID
swg21690073