Personal tools
You are here: Home DB2 How To's db2audit - basic commands and tips
Navigation
Log in


Forgot your password?
 
Document Actions

db2audit - basic commands and tips

db2audit is a tool available on DB2 that generates logging for some security events on the database, for example check authorization, security management, users validation, modifications in database objects.

db2audit commands


Here are some basic commands for db2audit:

db2audit start -> to start db2audit

db2audit stop -> to stop db2audit

db2audit describe -> to check db2audit status


db2audit describe
DB2 AUDIT SETTINGS:
Audit active: "TRUE "
Log audit events: "FAILURE"
Log checking events: "FAILURE"
Log object maintenance events: "FAILURE"
Log security maintenance events: "FAILURE"
Log system administrator events: "FAILURE"
Log validate events: "FAILURE"
Log context events: "NONE"
Return SQLCA on audit error: "FALSE "
Audit Data Path: ""
Audit Archive Path: ""
AUD0000I  Operation succeeded

 

db2audit tip


When installing db2audit, be careful on updating the parameter audit_buf_sz of dbm cfg:

       If you want to set an assyncrhonous logging, you should keep audit_buf_sz with zero value. In this case, all information collected by db2audit will be written directly to the disk, what may cause performance problems on the database.

        Generally, we update the parameter using the value 64 or 128 (depending on the volumn of dynamic SQL).

Security Awareness
Would you like your company to implement gamification into your security awareness program?





Polls