Context objects for security auditing

Each event has an associated set of information that is available for logging. This information is grouped into specific context objects. The context objects that are available for logging a specific event are specified by the event type. All event types have the sessionContextObj, eventContextObj, accessContextObj, propogationContextObj, processContextObj and registryContextObj objects. This topic specifies which additional context objects are available for each event type.

Table 1. Context objects associated with event types. The following table describes the context objects associated with event types.
Event Type Additional Context Objects
SECURITY_AUTHN authnContextObj, providerContextObj
SECURITY_AUTHN_DELEGATION delegationContextObj
SECURITY_AUTHN_MAPPING authnMappingContextObj, providerContextObj
SECURITY_AUTHZ providerContextObj, policyContextObj
SECURITY_ENCRYPTION keyContextObj
SECURITY_MGMT_AUDIT mgmtContextObj
SECURITY_RESOURCE_ACCESS responseContextObj
For more details on the auditable data that is gather for each of these context objects, see the information for context object fields.



Related tasks
Enabling the security auditing subsystem
Creating security auditing event type filters
Related reference
Context object fields
Reference topic Reference topic    

Terms of Use | Feedback

Last updatedLast updated: Sep 19, 2011 5:16:49 PM CDT
http://www14.software.ibm.com/webapp/wsbroker/redirect?version=matt&product=was-base-iseries&topic=rsec_sa_coxtent_objects
File name: rsec_sa_context_objects.html