News
Abstract
Refined Object auditing control on the QIBM_DB_OPEN exit program
Content
You are in: IBM i Technology Updates > Db2 for i - Technology Updates > Db2 for i Security Enhancements > Refined Object auditing control on the QIBM_DB_OPEN exit program
Previously, an exit program control (*OBJAUD) was added to limit exit program calls. Due to the wide use of *CHANGE object auditing in some environments, the *OBJAUD control did not reduce the calls to the exit program enough, in some environments.
The Open Data Base File Exit Program is enhanced to support two new values for the Exit Program Data - OBJAUD(*ALL) and OBJAUD(*CHANGE).
Three approaches now exist:
Three approaches now exist:
1)ADDEXITPGM EXITPNT(QIBM_QDB_OPEN) FORMAT(DBOP0100) PGMNBR(7) PGM(MJATST/OPENEXIT2) THDSAFE(*YES) TEXT('MJA') REPLACE(*NO)
PGMDTA(*JOB *CALC '*OBJAUD')
==>The exit program will be called when any object auditing is encountered
PGMDTA(*JOB *CALC '*OBJAUD')
==>The exit program will be called when any object auditing is encountered
2)
2)ADDEXITPGM EXITPNT(QIBM_QDB_OPEN) …
PGMDTA(*JOB *CALC 'OBJAUD(*ALL)')
==>The exit program will be called when *ALL object auditing is encountered
PGMDTA(*JOB *CALC 'OBJAUD(*ALL)')
==>The exit program will be called when *ALL object auditing is encountered
3)
3)ADDEXITPGM EXITPNT(QIBM_QDB_OPEN) ...
PGMDTA(*JOB *CALC 'OBJAUD(*CHANGE)')
==>The exit program will be called when *CHANGE object auditing is encountered
PGMDTA(*JOB *CALC 'OBJAUD(*CHANGE)')
==>The exit program will be called when *CHANGE object auditing is encountered
[{"Business Unit":{"code":"BU058","label":"IBM Infrastructure w\/TPS"},"Product":{"code":"SWG60","label":"IBM i"},"Component":"","Platform":[{"code":"PF012","label":"IBM i"}],"Version":"All Versions","Edition":"","Line of Business":{"code":"LOB57","label":"Power"}}]
Was this topic helpful?
Document Information
Modified date:
21 January 2020
UID
ibm11172716