How To
Summary
Please follow the steps below to enable auditing on your IIAS system. Login to IIAS as root user.
Steps
docker exec -it dashDB bash
As root run the script
/opt/ibm/dashdb-security/installaudit
Note: User 'bluadmin' or 'dbinst1' does not have permission to execute 'installaudit' script.
AUDIT DATABASE USING POLICY AUDIT_ALL
Note: At present setting up policy at schema level is not supported. If you want to capture everything in your audit, defining a policy at database level will have a noticeable performance impact. Hence it is best to apply it to individual tables. You can define policies with different granularity for different tables to suit your needs.
CALL SYSPROC.ADMIN_TASK_ADD( ‘<TASK_NAME>’, NULL, NULL, NULL, '<CRON-JOB like Frequency>', ‘<SCHEMA-NAME>’,‘<PROCEDURE>’ , NULL, NULL, ‘<comments>’ )
In our case the AUDIT.UPDATE() is the procedure created to load the tables
with the audit data. The following example will call it every 5 min.
CALL SYSPROC.ADMIN_TASK_ADD( 'AUDIT_UPDATE', NULL, NULL, NULL, '*/5 * * * *', 'AUDIT', 'UPDATE', NULL, NULL, 'Periodically update to audit tables' );
You will find more information on this here:
SELECT * from SYSTOOLS.ADMIN_TASK_LIST WHERE NAME=’<name>’
SELECT * FROM SYSCAT.AUDITUSE WHERE AUDITPOLICYNAME = ‘<policy_name>’
SELECT * FROM SYSTOOLS.ADMIN_TASK_STATUS WHERE NAME=’<name>’
Related Information
Document Location
Worldwide
Was this topic helpful?
Document Information
Modified date:
04 August 2020
UID
ibm11000568