Subsystem display, data sharing environments and controlled access
You can take advantage of the following additional features and capabilities when working with Log Master.
Db2 subsystem display features
You can view the following Db2 subsystem display features:
Active and archive log file information
Each ARCHIVE LOG command issued
List of checkpoint queue records
Support for Db2 data sharing environments
Log Master supports data sharing environments.
In a data sharing environment, Db2 tracks log records by log record sequence number (LRSN). In non-data sharing environments, Db2 uses the relative byte address (RBA) to track the log record.
Log Master displays both the RBA and the LRSN values for a log record. Because you can specify either an RBA or an LRSN when you search for log records, you can search for records that were created before or after you implemented data sharing. Under data sharing, Db2 interprets the addresses of log records as LRSNs. If the value of an LRSN indicates that the log record occurred before you implemented data sharing, Log Master interprets the address as an RBA when it processes the record.
Controlled access to the Db2 log
In addition to your security measures that ensure the integrity of the Db2 subsystem, you might want to control access to the Db2 log. Db2 log records contain the same information that is stored in your database. This information might include sensitive data, or data that must be protected from competitors.
The following Log Master features can help:
You can use installation options (also known as DOPTs) to direct Log Master to honor Db2 security at the table level for all Log Master jobs. If your environment enables this type of security, and the user ID of a job does not have the authorization required to access a given table, Log Master suppresses log records relating to the table in the job’s output. Depending on how you set the installation options, the job might not receive any notification that records have been suppressed.
Log Master honors Db2 security settings.Log Master honors either native DB2 security or external security (the DSNX@XAC exit provided by IBM RACF, CA Technologies CA-ACF2 for Db2 or CA-Top Secret for Db2, or other security packages).
You can conduct multiple scans of the Db2 log and create multiple logical logs. You can then secure each logical log separately to provide access only to authorized personnel.