Creating an Audit Trail Dataset
An Audit Trail dataset contains a record of all successful modifications to Db2 table data, including inserts, deletes, updates, commits, and rollbacks. The report displays the before and after image of the data. A sample Audit Trail report displays in Sample Audit Trail Report. When in your File-AID for Db2 edit session you edit a LOB column with the XLOB command (see XLOB), instead of displaying the before and after image of the LOB data, the report lists the names of the saved before and after XLOB audit trail files. Refer to XLOB Audit Trail Datasets for more information on XLOB audit.
Your ability to generate an audit trail is largely determined by decisions which were made when File-AID for Db2 was installed. If your site chose to never produce an audit trail, the Create Audit Trail field is not present on the Edit Options (Create Audit Trail Field on Edit Options Screen) or Batch Execute SQL (Batch Execute SQL) screen. If your site chose to always produce an audit trail, the field is present with a prefilled value of YES. You cannot change this value. The last option is to let the user, along with an audit trail exit routine, choose to produce an audit trail. In this case, the Create Audit Trail field is present on the Edit Options or Batch Execute SQL screen and the user can enter either YES or NO. If you enter YES, an audit trail is generated. If you enter NO, an audit trail is not generated unless an audit trail exit routine determines that one is mandatory for the selected object.
Create Audit Trail Field on Edit Options Screen
Initial Display Mode ===> 1 (1 - Table Mode, 2 - Row Mode)
Lock Table during Edit ===> NO (Yes or No)
Use Uncommitted Read ===> NO (Yes or No)
Maximum Rows To Select ===> 2000 (* for all rows)
SELECT FROM Temporal Table ===> N (Yes or No) *None*
Create Audit Trail ===> NO (Yes or No)
Relationship File ===>
SMF Audit Trail Option
If your site chooses to direct File-AID for Db2 audit trail records to the SMF log, File-AID for Db2 creates an audit record each time you browse or edit an object and modify table data, then writes it to the SMF log. In addition, the Create Audit Trail field does not appear on the Edit Options or Batch Execute SQL screen, however, the message “Audit Trail Activated” displays at the start of the browse/edit session. Furthermore, Audit Trail Print Facility, and Option 5, Print Audit Trail will not be available. For more information, see the Configuring BMC AMI DevX File-AID for Db2 on how to print File-AID for Db2’s audit trail records from the SMF log or how to modify the audit trail exit routine.
Audit Trail Print Facility
If you requested an audit trail report and made modifications to your data, the Audit Trail Print Facility window (Audit Trail Print Facility screen) displays when you exit from your edit session. If you want to print your audit trail, enter the required information and either SUB to submit the job, or JCL to edit the JCL, on the command line. If you enter JCL, you must still enter SUB on the command line to submit the job. Press END to save the audit trail dataset and exit the print facility without printing the data set. You can print an audit trail dataset at a later time through Option 5, Print. See Print-Table-Data-or-Audit-Trail-function for more information.
Audit Trail Print Facility screen
COMMAND ===>
Specify Printer Characteristics:
Printer Destination ===> PRINT1 Lines Per Page ===> 55
Sysout Class ===> G
Specify Audit Trail Options:
Dataset Name: 'USERID1.FADB2.D090509.T141645'
Description: USERID2.EMP has been edited___________________________________________________
____________________________________________________________________________________________
____________________________________________________________________________________________
____________________________________________________________________________________________
JOB Card Information:
----+----1----+----2----+----3----+----4----+----5----+----6----+----7----
//USERID1A
//*
//*
//*
Use SUB to submit the batch job; JCL to edit the generated JCL
Use END to save audit trail file and exit
Specify Printer Characteristics Area
Printer Destination
Enter the printer destination for the audit trail report.
Lines Per Page
Enter the number of lines to print per page.
Sysout Class
Enter the sysout class for the audit trail report.
Specify Audit Trail Options Area
Dataset Name
Specifies the audit trail dataset name. This name defaults to your most current audit trail dataset. You may not override the name.
Description
Specifies comments that are printed on the audit trail report. Up to four lines of comments may be entered.
Job Card Information
Enter a valid job card. See User Parms, Batch-Options for entering a default job card.
Sample Audit Trail Report
OBJECT NAME : USERID.EMP
OBJECT TYPE : TABLE
PRIMARY AUTHID : USERID
SECONDARY AUTHID : USERID2
DATABASE : USERIDDB
LOCATION : DSNLOC
CREATOR : USERID
NAME : EMP
AUDIT FILE SOURCE: EDIT/BROWSE
***
SESSION STARTED DATE - 08/17/2016, TIME - 07:43:51
***
ACTION : UPDATE
COLUMN NAME KY TYPE OLD DATA NEW DATA
----------- -- ---- -------- --------
EMPNO PK CH(6) 000020
FIRSTNAME VC(12) MICHAEL
LASTNAME VC(15) THOMPSON
PHONENO CH(4) 3476
HIREDATE DATE 1983-10-10
JOB CH(8) MANAGER
CH(8) DCDCDCDC 01234545
4151759 49953369
SALARY DEC(9,2) 412500.00 451000.00
BONUS DEC(9,2) 800.00 1000.00
COMM DEC(9,2) 3300.00 0.00
***
ACTION : COMMIT DATE - 08/17/2016, TIME - 07:49:23
***
EDIT SESSION TERMINATED DATE - 08/17/2016, TIME - 07:49:24
*** COMMENTS :
USERID.EMP has been edited
Audit Trail Dataset Usage and Maintenance
Each time an audit trail is generated, a new, variable blocked sequential dataset is created. Unless modified by the audit trail exit routine, the default audit trail dataset name is:
userid.FADB2.Dyymmdd.Thhmmss
For example:
File-AID for Db2 does not delete an existing audit trail dataset. It is therefore the user’s responsibility to perform regular DASD management.
While you are editing a table, a message may display advising you that the audit trail dataset is filled. If this happens, exit the edit session and begin a new session. File-AID for Db2 closes the filled audit trail dataset and allocates a new, uniquely named data set for the second edit session.
Once all editing for the specified object is completed, the audit trail datasets are merged if necessary. If this condition occurs frequently, ask the installer to increase the amount of space allocated to each audit trail dataset.
XLOB Audit Trail Datasets
When in your File-AID for Db2 edit session you edit a LOB column with the XLOB command (see XLOB) and “Create Audit Trail” is enabled, File-AID saves two copies of the XLOB work file, the before (old) and the after (new) XLOB audit trail files.
Before (Old):
hlq.userid.FADB2.X.Dyymmdd.Thhmmss.O
For example:
FD.TEMP1.USERID.FADB2.X.D160817.T073459.O
After (New):
hlq.userid.FADB2.X.Dyymmdd.Thhmmss
For example:
FD.TEMP1.USERID.FADB2.X.D160817.T073459
The after XLOB audit trail file has the same name as the temporary XLOB work file when Audit Trail is not used. The before XLOB audit trail file is identified by the suffix .O.
In an audit trail report with XLOB update (Sample Audit Trail Report with XLOB Update), instead of showing the before and after images, the report shows the message:
and lists the saved before and after XLOB audit trail file names:
FD.TEMP1.USERID.FADB2.X.D160817.T073459 (New)
If in the same Edit session more Update actions for other columns were made after the XLOB update process, instead of showing the before and after images, the report shows the message:
Just like the audit trail datasets, File-AID for Db2 does not delete any of the XLOB audit trail files. It is therefore the user’s responsibility to perform regular DASD management.
Sample Audit Trail Report with XLOB Update
OBJECT NAME : USERID.XLOB
OBJECT TYPE : TABLE
PRIMARY AUTHID : USERID
SECONDARY AUTHID : USERID2
DATABASE : USERIDDB
LOCATION : DSNLOC
CREATOR : USERID
NAME : XLOB
AUDIT FILE SOURCE: EDIT/BROWSE
***
SESSION STARTED DATE - 08/17/2016, TIME - 07:33:51
***
ACTION : UPDATE(XLOB)
COLUMN NAME KY TYPE OLD DATA NEW DATA
----------- -- ---- ---------------------------- -------------------------------------------
ID INT 10
BLOB_200 BLOB ..................
(ZONE) 000000000000000011111111111111114444444444
(NUMR) 0123456789ABCDEF0123456789ABCD000000000000
41 - 002 Regular Update
COMMENT_BLOB_200 CH(100) 30 LONG BYTES DATA
41 - 003 Regular Update
81 -
BLOB_2000 BLOB <<<< UPDATED BY XLOB PROCESS >>>>
FD.TEMP1.USERID.FADB2.X.D160817.T073459.0 FD.TEMP1.USERID.FADB2.X.D160817.T07345903
COMMENT_BLOB_2000 CH(100) 200 BYTES LONG DATA
41 -
81 -
CLOB_200 CLOB BLOB TEST DATA - 30 CHARACTERS
COMMENT_CLOB_200 CH(100) 30 BYTES LONG SBCS DATA
41 -
81 -
CLOB_2000 CLOB CLOB_2000 DATA - 200 CHARACTERS --+----4
41 - ----+----5----+----6----+----7----+----8
81 - ----+----9----+---10----+---11----+---12
121 - ----+---13----+---14----+---15----+---16
161 - ----+---17----+---18----+---19----+---20
COMMENT_CLOB_2000 CH(100) 200 BYTES LONG SBCS DATA
41 -
81 -
DB2_GENERATED_ROWID_FOR_LOBS ROWID %$#@*.....&[{........
(ZONE) BB57B9301105BC00000000
(NUMR) 94221F168410A010000021
DB2_GENERATED_DOCID_FOR_XML BGINT
***
.
.
.
***
ACTION: COMMIT DATE - 08/17/2016. TIME - 01:39:23
***
EDIT SESSION TERMINATED DATE - 08/17/2016. TIME - 01:39:24
*** COMMENTS :
***
ACTION : COMMIT DATE - 08/17/2016, TIME - 07:49:23
***
EDIT SESSION TERMINATED DATE - 08/17/2016, TIME - 07:49:24
*** COMMENTS :
USERID.EMP has been edited
Related topics