Security Jrn AuthFail Attributes

The Security Jrn AuthFail attribute group contains attributes that monitor the journal entries describing authority failures.


Job Name The name of the job. The valid value is an alphanumeric string with a maximum of 10 characters.

Job Number The number the system assigned to the job. The valid value is an alphanumeric string with a maximum of 6 characters.

Object The name of the object. The valid value is an alphanumeric string with a maximum of 10 characters.

Object Library The name of the library that contains the object. The valid value is an alphanumeric string with a maximum of 10 characters.

Object Type The type of object. The valid values include:

*ALRTBL

Alert table

*AUTL

Authorization list

*BNDDIR

Binding directory

*CFGL

Configuration list

*CHTFMT

Chart format

*CLD

C description

*CLS

Class

*CMD

Command

*CNNL

Connection list

*COSD

Class-of-service description

*CSI

Communications Side Information

*CSPMAP

Cross System Product map

*CSPTBL

Cross System Product table

*CTLD

Controller description

*DEVD

Device description

*DOC

Document

*DTAARA

Data area

*DTADCT

Data dictionary

*DTAQ

Data queue

*EDTD

Edit description

*FCT

Forms control table

*FILE

File

*FLR

Folder

*FNTRSC

Font resources

*FORMDF

Form definition

*FTR

Filter

*GSS

Graphics symbol set

*IGCDCT

Double-byte character set (DBCS) conversion dictionary

*IGCSRT

Double-byte character set (DBCS) sort table

*IGCTBL

Double-byte character set (DBCS) font table

*JOBD

Job description

*JOBQ

Job queue

*JOBSCD

Job schedule

*JRN

Journal

*JRNRCV

Journal receiver

*LIB

Library

*LIND

Line description

*MENU

Menu description

*MODD

Mode description

*MODULE

Compiler unit

*MSGF

Message File

*MSGQ

Message queue

*NODL

Node list

*NWID

Network interface description

*OUTQ

Output queue

*OVL

Overlay

*PAGDFN

Page definition

*PAGSEG

Page segment

*PDG

Print Descriptor Group

*PGM

Program

*PNLGRP

Panel group definition

*PRDAVL

Product availability

*PRDDFN

Product definition

*PRDLOD

Product load

*QMFORM

Query management form

*QMQRY

Query management query

*QRYDFN

Query definition

*RCT

Reference code translation table

*SBSD

Subsystem description

*SCHIDX

Information search index

*SPADCT

Spelling aid dictionary

*SRVPGM

Service program

*SQLPKG

Structured Query Language package

*SSND

Session description

*S36

System/36 machine description

*TBL

Table

*USRIDX

User index

*USRPRF

User profile

*USRQ

User queue

*USRSPC

User space

*WSCST

Workstation customizing object

ORIGINNODE The host name for the monitored system. The valid value is an alphanumeric string maximum length of 64 characters.

User The name of the user that caused the audit journal entry. The valid value is an alphanumeric string with a maximum of 10 characters.

Validation Value The type of cyclic redundancy check (validation value), which is set only if the violation type is C. The valid values include:

A

A changed object that may violate security was restored.

B

All authority revoked when object was restored.

C

A copy was restored of the program that was translated.

D

The security requested that the changed object was restored.

E

Detection of a system install-time error.

Violation Type The type of security violation that occurred. The valid values include:

A

A user attempted to perform an operation or access an object without the required authority.

B

A restricted machine interface instruction was run by a program.

C

A program was restored that failed the restore-time program validation checks. Information about the failure is in the Validation Value Violation Type field of the record. (See the Validation Value attribute.)

D

A program attempted to access an object using an interface that is not supported or a callable program that is not in the callable API list.

J

A submitter without *USE authority for a user profile attempted to submit or schedule a job using the user profile. Submitter did not have *USE authority to the user profile.

P

The use was attempted of a profile handle that is not valid on the QWTSETP API.

R

An update was attempted to an object that is read only. (Enhanced hardware storage protection is logged only at security level 40.)

S

A sign-on was attempted without a user ID and password.