AUDIT [ ALLBASE/SQL Database Administration Guide ] MPE/iX 5.5 Documentation
ALLBASE/SQL Database Administration Guide
AUDIT
This command processes committed transactions for appropriate audit log
records and places the results in a file for user viewing.
Scope
SQLAudit Only
SQLAudit Syntax
SQLAudit >> AUDIT Beginning Audit Point File >> BEGINFILE Ending Audit
Point File >> ENDFILE Results File to be generated >> RESULTFILE Do you
wish to specify Partition Numbers (n/y) >> {n[o] } Partition Number >>
{y[es]}
{? }
{@ }
{PartNumber }
{DEF[INITION] }
{AUTH[ORIZATION]}
{STOR[AGE] }
{SECT[ION] }
Parameters
BeginFile is the name of the file containing the beginning
audit point information. If only a carriage
return is entered, SQLAudit tries to find the
first committed transaction for each partition
specified.
EndFile is the name of the file containing the ending
audit point information. If a carriage return is
entered, SQLAudit uses the current audit point
information for the DBEnvironment.
ResultFile is the name of the file that will be generated.
This file contains the output of the AUDIT
command in a user-readable format. If a carriage
return is entered, SQLAudit sends the generated
results to the standard output. If the file
specified already exists, you will be prompted to
either purge, overwrite, or append the existing
file. Enter ResultFile in all uppercase letters
if you wish to see the file from within SQLAudit.
NO or YES respond NO to select all partitions; respond YES
if you wish to specify your own list of
partitions.
? displays a list of partitions having committed
transactions.
@ selects all partitions.
PartNumber is the number for a partition that you wish to
audit.
Description
* The default is to process audit log records (for all partitions)
generated between the beginning and ending audit points. This
makes the list of partitions to be audited equal to the number of
partitions that had transactions committed between the beginning
and ending audit points.
* You may specify a set of partitions to be audited if you want to
narrow down the number of records to process. When a list of
partitions is specified, only transactions changing data in the
given set of partitions are audited.
* When specifying a list of partitions, only one partition is
allowed per input line. At any time you can enter an at sign (@)
at the prompt to select all partitions. Entering a question mark
displays a list of partitions that have committed transactions.
Entering a carriage return ends the Partition Number prompt.
* Partitions must be specified by number for user defined
partitions. Examples of user defined partitions are DEFAULT
PARTITION, COMMENT PARTITION, and partitions created through the
CREATE PARTITION command.
* System defined partitions such as DEFINITION, AUTHORIZATION,
STORAGE, and SECTION (created through the START DBE command) are
specified by name. These partitions are defined when the user
specifies AUDIT ELEMENTS of DEFINITION, AUTHORIZATION, STORAGE, or
SECTION in the START DBE command.
* If no beginning audit point is specified, SQLAudit attempts to
process transactions starting from the beginning of log history.
When this happens, if SQLAudit is unable to find the first
transaction that has changed a given partition, a warning is
returned and the partition is removed from the list of partitions
to be processed.
* If no ending audit point is specified, SQLAudit determines the
audit point information as of the last log record written and uses
this for the ending audit point.
* If no result file is specified, SQLAudit automatically sends all
generated results of the audit to standard output.
* If an error occurs while writing records to the result file,
SQLAudit creates a file to hold the generated audit point
information. This recovery file can be used just like any other
audit point file (for example, as the beginning audit point file),
except for use with the LOCK AUDITPOINT command. This audit point
information can be particularly useful if errors such as FILE
SYSTEM FULL are encountered while writing to the result file. The
default name of this file is SQLAUREC but can be changed through
the command SET RECOVERFILE. If SQLAudit needs to create this
file, an error will occur if the file already exists.
Authorization
DBA authorization is required in order to use this command.
Example
SQLAudit >> AUDIT
Beginning Audit Point File >> STARTPT
Ending Audit Point File >> STOPPT
Result File to be generated >> RESULTS
Do you wish to specify Partition Numbers (n/y) >> yes
Please enter Partition Numbers or System Partition Names. Type @ for all,
? for a list of Partitions, or RETURN to finish. Valid System
Names are DEF[INITION], AUTH[ORIZATION], STOR[AGE], and SEC[TION].
Partition Number >> 1
Partition Number >> 2
Partition Number >>
Generating Results ...
Records Audited: 10000 Records Generated: 10000
Records Audited: 20000 Records Generated: 20000
Records Audited: 24523 Records Generated: 24523
Finished Generating Results.
SQLAudit >>
The result file generated is in the format of ASCII records that can be
viewed by the user. An example of such a file is shown below:
***** SQLAUDIT: GENERATING RESULTS *****
Creator: DBAUSER Creation Time: 1993-05-11 14:22:16.531
BEGIN
INSERT (2) USER1.TABLE1 (123, 'test data', NULL, 1.23)
UPDATE (2) USER1.TABLE1 (123, 'test data', NULL, 1.23) ((3) 0x0000123C)
COMMIT User: USER1 Audit Name: MDBE1 Label: TRANS1
Time: 1993-05-11 10:15:00.123
BEGIN
DELETE (2) USER1.TABLE1 (123, 'test data', 0x0000123C, 1.23)
COMMIT User: USER1 Audit Name: MDBE1 Label: TRANS2
Time: 1993-05-11 10:15:01.455
End of File
MPE/iX 5.5 Documentation