db2audit is a facility already present on DB2. It is a component that generates ogging for some security events on the database, for example authorization checking, security administration, users validation, changes in database objects.
It is an interesting way to investigate security questions in the database. db2audit basic commands.
There are some basic commands when using the db2audit.
db2audit start -> to start db2audit db2audit stop -> to stop db2audit db2audit describe -> to check status of db2audit (if it's running)

How Db2audit looks like
db2inst1@olimpio:/db/db2inst1/db2backup/home>db2audit describe DB2 AUDIT SETTINGS: Audit active: "TRUE " ---------> db2audit is running! Log audit events: "FAILURE" Log checking events: "FAILURE" Log object maintenance events: "FAILURE" Log security maintenance events: "FAILURE" Log system administrator events: "FAILURE" Log validate events: "FAILURE" Log context events: "NONE" Return SQLCA on audit error: "FALSE " Audit Data Path: "" Audit Archive Path: "" AUD0000I Operation succeeded. db2inst1@olimpio:/db/db2inst1/db2backup/home>db2audit describe DB2 AUDIT SETTINGS: Audit active: "FALSE " ---------> db2audit is NOT running! Log audit events: "FAILURE" Log checking events: "FAILURE" Log object maintenance events: "FAILURE" Log security maintenance events: "FAILURE" Log system administrator events: "FAILURE" Log validate events: "FAILURE" Log context events: "NONE" Return SQLCA on audit error: "FALSE " Audit Data Path: "" Audit Archive Path: "" AUD0000I Operation succeeded.
Advertisements