Online Documentation for SQL Manager for DB2

Creating/editing audit policy

Use the Audit Policy tab of Audit Policy Editor to create/edit an audit policy and specify its definition.

 

 

 

Audit policy name

Names the audit policy.

 

Categories

 

Audit

Generates records when audit settings are changed or when the audit log is accessed.

 

Checking

Generates records during authorization checking of attempts to access or manipulate database objects or functions.

 

Context

Generates records to show the operation context when a database operation is performed.

 

Execute

Generates records to show the execution of SQL statements.

 

With data

Specifies whether or not input data values provided for any host variables and parameter markers should be logged as part of the EXECUTE category.

 

Objmaint

Generates records when data objects are created or dropped.

 

Secmaint

Generates records when object privileges, database privileges, or DBADM authority is granted or revoked.

 

Sysadmin

Generates records when operations requiring SYSADM, SYSMAINT, or SYSCTRL authority are performed.

 

Validate

Generates records when users are authenticated or when system security information related to a user is retrieved.

 

BOTH

Successful and failing events will be audited.

 

FAILURE

Only failing events will be audited.

 

SUCCESS

Only successful events will be audited.

 

 

Error type

Specifies whether audit errors are to be returned or ignored.

 

Normal

Any errors generated by the audit are ignored and only the SQLCODEs for errors associated with the operation being performed are returned to the application.

 

Audit

All errors, including errors occurring within the audit facility itself, are returned to the application.