Monitoring data access using Db2 traces


Payment Card Industry Data Security Standard (PCI DSS) and similar regulatory standards imply monitoring of database events such as access by privileged users, invalid logical access attempts, the creation and deletion of system-level objects, backups, and all access to sensitive data such as credit card numbers, other account numbers, and sensitive health-related information. (For more information, see https://www.pcisecuritystandards.org/documents/PCIDSS_QRGv3.pdf.)

BMC AMI Defender monitors these and similar types of events, but Db2 generates the events only if it is properly configured to start the appropriate traces. "Trace" is the Db2 term for the generation of SMF records for specific event types.

The table under IFCID-descriptions gives the Db2 IFCID number associated with each type of event to be monitored, such as privileged user accesses.

BMC usually recommends the use of the traces indicated with a green background in the table, but each installation must evaluate for itself which traces are appropriate for its particular security and compliance needs.
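One way to verify that the audit traces are started and writing to SMF is to parse the output of the Db2 `-DISPLAY TRACE` command. The following Python is an added example, not BMC or IBM code: the sample output is constructed, its column layout is an assumption modelled on the DSNW127I trace summary with one row per trace, and the required class list is a hypothetical site policy.

```python
import re

# Constructed sample of -DISPLAY TRACE(*) console output. The layout is an
# assumption modelled on the DSNW127I summary, one row per trace; it was not
# captured from a real subsystem.
SAMPLE_DISPLAY = """\
DSNW127I  -DB2A CURRENT TRACE ACTIVITY IS -
TNO TYPE   CLASS        DEST QUAL IFCID
01  STAT   01,03,04     SMF  NO
02  ACCTG  01,02,03     SMF  NO
03  AUDIT  01,02,07     SMF  NO
04  AUDIT  03,10        GTF  NO
*********END OF DISPLAY TRACE SUMMARY DATA*********
"""

# Hypothetical site policy: audit trace classes that must be written to SMF.
REQUIRED_AUDIT_CLASSES = {1, 2, 3, 7, 10}

# TNO, TYPE, CLASS list (or '*'), DEST; header and message lines do not match.
ROW = re.compile(r"^\s*(\d+)\s+(\w+)\s+(\*|[\d,]+)\s+(\w+)")


def audit_classes_to_smf(display_output):
    """Return the AUDIT trace classes whose destination is SMF.

    A trace started for all classes is reported as the string '*'.
    """
    active = set()
    for line in display_output.splitlines():
        m = ROW.match(line)
        if not m:
            continue  # header, message ID or trailer line
        _tno, trace_type, classes, dest = m.groups()
        if trace_type != "AUDIT" or dest != "SMF":
            continue  # other trace types, or audit data not going to SMF
        if classes == "*":
            active.add("*")
        else:
            active.update(int(c) for c in classes.split(",") if c)
    return active


def missing_audit_classes(display_output, required=REQUIRED_AUDIT_CLASSES):
    """Return required audit classes that produce no SMF records."""
    active = audit_classes_to_smf(display_output)
    if "*" in active:
        return set()
    return set(required) - active
```

In the constructed sample, classes 3 and 10 are active but routed to GTF, so they are reported as missing: an SMF-based monitor would receive no records for them.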

This section provides information about the following topics:

 
