Download PDF - IBM Redbooks
Download PDF - IBM Redbooks
Download PDF - IBM Redbooks
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
Example 8-10 shows how to display active policies in the DB2 subsystem.<br />
Example 8-10 Displaying the SQL statement auditing policy<br />
DSNW127I -DB0T CURRENT TRACE ACTIVITY IS -<br />
TNO TYPE CLASS DEST QUAL IFCID<br />
06 AUDIT * GTF NO<br />
*********END OF DISPLAY TRACE SUMMARY DATA*********<br />
DSNW143I -DB0T CURRENT TRACE QUALIFICATIONS ARE -<br />
DSNW152I -DB0T BEGIN TNO 06 QUALIFICATIONS:<br />
NO QUALIFICATIONS<br />
END TNO 06 QUALIFICATIONS<br />
DSNW185I -DB0T BEGIN TNO 06 AUDIT POLICIES:<br />
ACTIVE AUDIT POLICY: AUDIT2<br />
END TNO 06 AUDIT POLICIES<br />
DSNW148I -DB0T ******END OF DISPLAY TRACE QUALIFICATION DATA******<br />
DSN9022I -DB0T DSNWVCM1 '-DISPLAY TRACE' NORMAL COMPLETION<br />
Another example is when some users and database administrators try to access the DB2<br />
object, SAPR3.USR02, by using such tools as SPUFI, the DB2 Control Center, and<br />
transaction SU01, within the SAP system. Example 8-11 through Example 8-14 show the<br />
audit records of all activity that was assigned to the DB2 object, USR02.<br />
Example 8-11 shows the audit record for all users that read data in the DB2 object<br />
SAPR3.USR02 in SAP.<br />
Example 8-11 Reading access to DB2 object SAPR3.USR02 within SAP<br />
SAPINST T73DIA00 DRDA 19:26:59.04 BIND PACKAGE: DB0T.SAP0907U.SYSL<br />
SAPINST 4 110801211120 TYPE: SEL-QUERY<br />
DISTSERV SERVER TEXT: SELECT * FROM "USR02"<br />
REQLOC :::172.30.9.120 ACCESS CTRL SCHEMA: N/P<br />
ENDUSER :HAGELSTROMM ACCESS CTRL OBJECT: N/P<br />
WSNAME :'BLANK'<br />
TRANSACT:'BLANK'<br />
Example 8-12 shows the audit record for all users with write access to DB2 object<br />
SAPR3.USR02 in SAP.<br />
Example 8-12 Writing access to DB2 object SAPR3.USR02 within SAP<br />
SAPINST T73DIA00 DRDA 19:26:59.83 BIND PACKAGE: DB0T.SAP0907U.SYSL<br />
SAPINST 4 110801211120 TYPE: INSERT<br />
DISTSERV SERVER TEXT: INSERT INTO "USR02" V<br />
? , ? , ? , ? , ? , ?<br />
? , ? , ? , ? , ? , ?<br />
? , ? , ? , ? , ? , ?<br />
REQLOC :::172.30.9.120 DATABASE: 10041<br />
ENDUSER :HAGELSTROMM ACCESS CTRL SCHEMA: N/P<br />
WSNAME :'BLANK' ACCESS CTRL OBJECT: N/P<br />
TRANSACT:'BLANK'<br />
Chapter 8. Security enhancements of DB2 10 for SAP solutions 123