How do I monitor for use of Query Related (SQL) commands on my AS/400? (NETIQKB34897)

  • Document ID:7734897
  • Creation Date:02-Feb-2007
  • Modified Date:08-Oct-2007
    • Micro Focus Products:
      Security Solutions for iSeries

Resolution

goal
How do I monitor for use of Query Related (SQL) commands on my AS/400?

fact
VigilEnt Security Agent for iSeries PSAudit 5.4

fact
VigilEnt Security Agent for iSeries 5.4/7.0

fact
System Auditing and Reporting (SAR)

fix

PTFs 1A01551, G1A01501, G1C01516 and 1I01502 must be applied for SQL/QRY Auditing to run properly.

To monitor for use of the Query Related commands, follow these steps:

  1. Use Command DSPPTF 1PSA001 to confirm that the following PTFs have been applied:

    • 1A01551
    • 1A01552
    • 1A01553
    • 1A01554
    • 1A01555
    • 1A01556
    • 1A01557
    • 1A01558
    • 1A01559
    • 1A01560
    • 1A01561
    • 1A01562
    • 1A01563
    • 1A01564
    • 1A01565
    • 1A01566
    • 1A01567
    • 1A01568
    • 1A01570

  2. Use Command DSPPTF 1PSC001 and confirm that the following PTFs have been applied: 

    • 1C01759
    • 1C01760
    • 1C01761
    • 1C01762
    • 1C01763
    • 1C01764
    • 1C01765
    • 1C01766
    • 1C01767

  3. Use Command DSPPTF 1PSI001 and confirm that the following PTF has been applied: 

    • 1I01502

  4. If the above PTFs have been applied, continue as noted below.  Otherwise, contact Technical Support to obtain the PTFs.

  5. On a Command Line type PSMENU , and press Enter.

  6. Select Option 1 PSAudit, and press Enter.

  7. Select Option 1 System Auditing and Reporting, and press Enter.

  8. Select Option 7 System Setup and Defaults Menu, and press Enter.

  9. Select Option 28  Work With SQL/QRY Auditing.

  10. Use Option 1 to turn on auditing for the commands you wish to audit, and press Enter.

  11. Press F12 to return to the previous menu.

  12. Select Option 26  Start SQL/QRY Monitor. This option starts subsystem ZQSBS. 


Additional Information

Formerly known as NETIQKB34897