Prodata Computer Services

DBU Audit Journal Plug-in Documentation

 

DBU audit works by journaling all adds, changes, deletes, reactivation of deleted records and viewing of sensitive data made by users through DBU to a standalone IBM journal. DBU Audit goes beyond the base DBU change logs by storing the data in journals rather than spooled files. This simplifies the ability to track and report on changes to your database files for regulatory compliance management or internal control requirements.

 

The DBU Audit Journal Plug-in does use the mechanics of OS/400 journaling.  Through our proprietary software, journal entries are written to a receiver for only the data manipulation made with DBU.  This will not affect any current journaling of the files that may be in place using the OS/400 or i5/OS journaling procedures.

 

If your security strategy dictates the need you can use object level authorization to secure the command, menu and associated option commands.  The associated option commands appear to the right of the menu option.

 

DBUAUDMN

 

To access the DBU Audit Journal Menu from a command line (with DBU70 in your library list) execute the command DBUAUDMN

 


The above display is the DBU Audit Journal Menu

 

Option 1.  DBUSTRAUD

 

This option starts the DBU Audit Journal (notice status line indicates it is not active, in the previous display screen).

 

 

The above screen is presented using option 1.  The defaults are recommended however you can designate a different library and Audit Extract file naming convention here.  Once you press <enter> here you are returned to the Audit Journal Menu display.

 

 

Notice that the status line indicates it is now active.

 

Option 2.  DBUENDAUD

 

This option is used to end the DBU Audit Journal.  There are no parameters for this option.

 

Option 3.  DBUAUD

 

Once you have started the Audit Journal and made changes/deletes/adds using DBU to a file, this option will display the changes/deletes/adds/views (if designated in option 8).

 

After taking option 3 this will be the display screen presented.  Just key in the file and library name that you have DBU’d.

 

 

We have changed a record in the demonstration file that is shipped with DBU70 called DBPDEMO.  Once you enter the file name and press <enter> you will be presented with the following screen.

 

On this screen you should be able to take the defaults however the F1 key is available for the standard IBM help definitions for each parameter.  Option 9 from the Audit Journal Menu will display the Audit Journal receivers available by name.

 

Once you press <enter> you will be taken into the DBU Display of the entries in the Audit Journal for the file you designated.  This is the standard DBU display, you may use the F4 key to obtain the field listing and you may select the fields to display.  Notice that if there was a change made you will see a before (Entry Type field) and after (designated by UB and UP respectively) you will also see the changed field highlighted.  Other Entry Types are added (PT), deleted (DL), retrieved (RD) and viewed if designated using option 8 (VW).

 

Option 4.  DBUEXTAUD

 

Option 4 is used to create extract files from the journal receiver specified.  After taking option 4 you are presented with the following display, you may enter a specific file name or you can use *ALL to extract all journal entries made by DBU on all files.

 

After processing you will be returned to the Audit Journal Menu.  Extracted files will be available for viewing or producing printed reports.

 

Option 5.  DBUAUDFIL

You can use option 5 to view the extracted files.  There are no parameters for this option, once you have taken option 5 you will presented with the following display.

 

 

This will be a listing of the extract files available.  Notice the Text column tells you system name, library and object name of the object that DBU was used on.  Use a 1 to select the desired extract file and you will again be presented with the standard DBU screen with all DBU functionality.  F3 from this display will return you to the Audit Journal Menu.

 

Option 6.  DBUWRKAUD

 

Option 6 allows you to work with the extracted audit files.  There are no parameters for this option.  After taking this option you will be presented with the following display.

 

 

You may use this option to maintain the extracted audit files.  You will need to delete files as necessary from this display.  Any extract files can be reproduced providing the journal receivers that the extract came from are still on the system.

 

Option 7.  DBUCLRAUD

 

Option 7 allows you to clear all extracted files from the Audit library.  Once you have taken this option you are presented with a confirmation screen for the clear Audit library function.  Using this option will not clear the journal receivers from the Audit library.

 

Option 8.  DBUSETJRN

 

Option 8 allows you to specify files that you would like journal entries made for objects that have been viewed.  This function was created for sensitive data that you not only need to track changes/adds/deletes but also any views to the data through the use of DBU.  Taking this option you will be presented with the following display.

 

 

Here you may enter specific object names and libraries, you may also enter *ALL for the object name and specify the library and all objects viewed by DBU within that library will have journal entries for any data viewed.  Caution should be exercised using this option as multiple journal entries can easily be created by experienced DBU users.  It is however an effective tool for detailing views of records with sensitive data.  Once you enter the object/library name just press <enter> and you will be returned to the Audit Journal Menu.

 

Option 9.  DBUAUDRCV

 

Option 9 allows you to work with the journal receivers.  You can maintain the journal receivers from this option.  Journal receivers will automatically be generated when necessary. If you attempt to delete a journal receiver and it has not yet been saved you will receive CPA7025 informing you that the receiver has not been saved, if your audit strategy dictates the need you should reply to the message with a ‘C’ for cancel and save the journal receiver to backup media using standard OS commands.  If however you do not wish to save the journal receiver you can reply to the CPA7025 message with an ‘I’ to ignore and the object will be deleted.

 

Option 10.  DBUPRTJRN

 

This option gives you the ability to produce printed reports based on the information in the extracted files.  Taking this option presents you with the following display.

 

 

You may take the *ALL default to produce reports for all extracted files however you may also designate by name which extracted files to produce the report from.  If you are uncertain which extract files you would like to produce reports from you can type the first letter of the extract file naming convention (DBUJ is the default) followed by an asterisk (*) and press <enter> and you will presented with a listing of all of the extract files. You may then individually select which file to produce the report from (only one selection at a time is allowed). You may also designate an output queue and library for the spooled file to be sent to.  If you do not designate an output queue the default output queue for the current job is used.

 

Option 11.  DBUAUDACT

 

Option 11 is used to identify when and who starts and stops the DBU Audit Journal.  Taking this option will present the following display.

 

 

You may use the defaults or specify the journal receiver to look in, once you press <enter> you will be presented with the standard DBU display.  Entry Types marked JF are the start of the Audit Journal and EF is the ending of the Audit Journal.  This gives you the ability to identify who has started and stopped the Audit Journal.