The Security Jrn AuthFail attribute group contains attributes that monitor the journal entries describing authority failures.
Job Name The name of the job. The valid value is an alphanumeric string with a maximum of 10 characters.
Job Number The number the system assigned to the job. The valid value is an alphanumeric string with a maximum of 6 characters.
Object The name of the object. The valid value is an alphanumeric string with a maximum of 10 characters.
Object Library The name of the library that contains the object. The valid value is an alphanumeric string with a maximum of 10 characters.
Object Type The type of object. The valid values include:
*ALRTBL |
Alert table |
*AUTL |
Authorization list |
*BNDDIR |
Binding directory |
*CFGL |
Configuration list |
*CHTFMT |
Chart format |
*CLD |
C description |
*CLS |
Class |
*CMD |
Command |
*CNNL |
Connection list |
*COSD |
Class-of-service description |
*CSI |
Communications Side Information |
*CSPMAP |
Cross System Product map |
*CSPTBL |
Cross System Product table |
*CTLD |
Controller description |
*DEVD |
Device description |
*DOC |
Document |
*DTAARA |
Data area |
*DTADCT |
Data dictionary |
*DTAQ |
Data queue |
*EDTD |
Edit description |
*FCT |
Forms control table |
*FILE |
File |
*FLR |
Folder |
*FNTRSC |
Font resources |
*FORMDF |
Form definition |
*FTR |
Filter |
*GSS |
Graphics symbol set |
*IGCDCT |
Double-byte character set (DBCS) conversion dictionary |
*IGCSRT |
Double-byte character set (DBCS) sort table |
*IGCTBL |
Double-byte character set (DBCS) font table |
*JOBD |
Job description |
*JOBQ |
Job queue |
*JOBSCD |
Job schedule |
*JRN |
Journal |
*JRNRCV |
Journal receiver |
*LIB |
Library |
*LIND |
Line description |
*MENU |
Menu description |
*MODD |
Mode description |
*MODULE |
Compiler unit |
*MSGF |
Message File |
*MSGQ |
Message queue |
*NODL |
Node list |
*NWID |
Network interface description |
*OUTQ |
Output queue |
*OVL |
Overlay |
*PAGDFN |
Page definition |
*PAGSEG |
Page segment |
*PDG |
Print Descriptor Group |
*PGM |
Program |
*PNLGRP |
Panel group definition |
*PRDAVL |
Product availability |
*PRDDFN |
Product definition |
*PRDLOD |
Product load |
*QMFORM |
Query management form |
*QMQRY |
Query management query |
*QRYDFN |
Query definition |
*RCT |
Reference code translation table |
*SBSD |
Subsystem description |
*SCHIDX |
Information search index |
*SPADCT |
Spelling aid dictionary |
*SRVPGM |
Service program |
*SQLPKG |
Structured Query Language package |
*SSND |
Session description |
*S36 |
System/36 machine description |
*TBL |
Table |
*USRIDX |
User index |
*USRPRF |
User profile |
*USRQ |
User queue |
*USRSPC |
User space |
*WSCST |
Workstation customizing object |
ORIGINNODE The host name for the monitored system. The valid value is an alphanumeric string maximum length of 64 characters.
User The name of the user that caused the audit journal entry. The valid value is an alphanumeric string with a maximum of 10 characters.
Validation Value The type of cyclic redundancy check (validation value), which is set only if the violation type is C. The valid values include:
A |
A changed object that may violate security was restored. |
B |
All authority revoked when object was restored. |
C |
A copy was restored of the program that was translated. |
D |
The security requested that the changed object was restored. |
E |
Detection of a system install-time error. |
Violation Type The type of security violation that occurred. The valid values include:
A |
A user attempted to perform an operation or access an object without the required authority. |
B |
A restricted machine interface instruction was run by a program. |
C |
A program was restored that failed the restore-time program validation checks. Information about the failure is in the Validation Value Violation Type field of the record. (See the Validation Value attribute.) |
D |
A program attempted to access an object using an interface that is not supported or a callable program that is not in the callable API list. |
J |
A submitter without *USE authority for a user profile attempted to submit or schedule a job using the user profile. Submitter did not have *USE authority to the user profile. |
P |
The use was attempted of a profile handle that is not valid on the QWTSETP API. |
R |
An update was attempted to an object that is read only. (Enhanced hardware storage protection is logged only at security level 40.) |
S |
A sign-on was attempted without a user ID and password. |