Access audit data



You must log into the database as Pat before proceeding with this page.

Audit data is stored in active log files until they are being archived. Once archived, data can be extracted into delimited ASCII file. You can then import the file into tables for analysis.


Operation

The SECADM archives and extracts the audit data to audit tables.

For SECADM to work with audit data collected, DB2 provides the following routines:


On the right pane,click Edit Query to match location that user chose in the previous page




Solution


Example on the right pane shows that Pat:

  1. uses SYSPROC.AUDIT_ARCHIVE to archive audit logs
  2. uses SYSPROC.AUDIT_DELIM_EXTRACT to extracts data into delimited ASCII files
  3. Imports the files into the audit tables accordingly
  4. Analyzes the audit data using regular SQL statements