System Values Acct Attributes

The System Values Acct attribute group contains attributes that you can use to monitor system values for accounting.


ORIGINNODE The host name for the monitored system. The valid value is an alphanumeric string with a maximum length of 64 characters.

QABNORMSW Indicates the status of a previous end of a system. The valid values include:

*YES

Previous end of system was not normal.

*NO

Previous end of system was normal.

QACGLVL The accounting level of the system. The valid values include:

*NONE

Indicates that no accounting information is written to a journal.

*JOB

Indicates that job resource use is written to a journal.

*PRINT

Indicates that resource use for spooled and nonspooled print files is written to a journal.

QACTJOB The initial number of active jobs for which auxiliary storage is to be allocated during an initial program load (IPL). The valid value is an integer in the range 1 through 32767.

QADLACTJ Indicates the additional number of active jobs for which auxiliary storage is to be allocated when the initial number of active jobs (the system value *QACTJOB) is reached. The valid value is an integer in the range 1 through 32767.

QADLSPLA Indicates the additional storage to add to the spooling control block. The valid value is an integer in the range 1024 through 32767.

QADLTOTJ Indicates the additional number of jobs for which auxiliary storage is to be allocated when the initial number of jobs (system value QTOTJOB) is reached. The valid value is an integer in the range 1 through 32767.

QAUDCTL This system value that controls whether auditing is done for objects and users' actions. It also allows you to specify the level to be performed. The valid values include:

*NONE

These changes are not audited.

  • object

  • user actions

  • QAUDLVL

*OBJAUD

Objects selected by the Change Object Auditing Value (CHGOBJAUD) command are audited.

*AUDLVL

*QAUDLVL system value and CHGUSRAUD (AUDLVL) changes are audited.

QAUDENDACN Indicates the action to be taken if auditing data cannot be written to the security auditing journal. The valid values include:

*NOTIFY

 A journal entry was not written to the security auditing journal and a message was sent to the QSYSOPR and QSYSMSG message queues. The action that caused the audit to be attempted continues.

*PWRDWNSYS

If sending the audit data to the security audit journal fails, the system is ended with a system reference code (SRC). The system is then started in a restricted state on the following IPL.

QAUDLVL The security auditing level. The system values specifies the level of security auditing that should occur on the system. The valid values include:

*NONE

There is no auditing.

*AUTFAIL

These failures are audited.

  • all access failures (sign-on)

  • incorrect password or user IDs entered from a device

*CREATE

These objects are audited. (Objects created in the QTEMP library are not audited.)

  • new objects

  • objects created to replace existing objects

*DELETE

All delete operations of external objects on system. (Objects deleted from QTEMP are not audited.)

*JOBDTA

These actions are audited.

  • job start and job stop data

  • hold, release, change, disconnect, end, end abnormally, PSR (program start request) attached to prestart job entries, change to another user profile

*OBJMGT

These actions are audited.

  • moves of objects

  • renames of objects

*OFCSRV

These Office Vision for i5/OS tasks are audited.

  • changing the system distribution directory

  • opening a mail log for a different user

*PGMADP

Adopting authority from a program owner is audited.

*PGMFAIL

Integrity violations are audited (blocked instruction, validation value failure, domain violation).

*PRTDTA

These printing functions are audited.

  • printing a spooled file

  • printing with parameter SPOOL(*NO)

*SAVRST

These save and restore functions are audited. Restores for:

  • objects

  • programs that adopt the user profile for the owner

  • job descriptions that contain user's names

  • objects with changed ownership and authority

  • authority for user profiles

*SECURITY

These security functions are audited. Changes to:

  • object authority

  • profiles

  • object ownership

  • programs that will now adopt the profile for the owner

  • system values

  • network attributes

  • subsystem routing

  • QSECOFR passwords reset to the value shipped by DST

  • DST security officer password is requested to be defaulted

*SERVICE

These commands for system service tools are audited.

  • Dump Object (DMPOBJ)

  • Dump System Object (DMPSYSOBJ)

  • Dump Document Library Object (DMPDLO)

  • Start Copy Screen (STRCPYSCN)

  • Start Communications Trace (STRCMNTRC)

  • End Communications Trace (ENDCMNTRC)

  • Print Communications Trace (PRTCMNTRC)

  • Delete Communications Trace (DLTCMNTRC)

  • Print Error Log (PRTERRLOG)

  • Print Internal Data (PRTINTDTA)

  • Start Service Job (STRSRVJOB)

  • Start System Service Tools (STRSST)

  • Trace Internal (TRCINT)

*SPLFDTA

These actions for spooled files are audited.

  • create

  • delete

  • display

  • copy

  • get data

  • hold

  • release

  • change

*SYSMGT

These tasks for system management are audited.

  • changes for Operational Assistant* functions

  • operations with network files

  • changes to the system reply list

  • changes to HFS registration

  • changes to the DRDA* relational database directory

QBASACTLVL The base-storage-pool activity level. The value indicates how many system and user jobs can simultaneously compete for storage in the base storage pool. The valid value is an integer in the range 1 through 32767.