iSeries SQL Auditing
|
|
|
Bsafe's ‘Audit SQL for iSeries' feature allows you to monitor and audit iSeries SQL statements handled by the iSeries SQL server, including those executed in interactive SQL processes, embedded SQL in RPG and other high level languages, DRDA, DDM, ODBC and OS/400 queries.
|
|
|
The SQL statements are identified by the SQL monitor, and logged in the Bsafe database so they can be audited by the administrator or auditor.
|
|
|
|
|
Simpler Auditing of iSeries SQL Functions
|
|
|
The iSeries SQL audit function is an integral part of the Bsafe/Enterprise Security iSeries security software. Like the other protection and auditing functionality in the product, Bsafe's iSeries SQL audit tool is designed to facilitate auditing activity and make the task of auditing on the AS400 quick and simple for non-technical personnel. Starting and ending the monitor is done instantly by selecting the appropriate option in the menu. Once the monitor is started, SQL statements are logged and available for viewing.
|
|
|
Using the filter screen, the period required for the iseries SQL commands, type of SQL statement, user and iSeries job can be specified to display a specific subset of the SQL statements monitored.
|
|
|
|
|
|
When displaying the log of SQL statements, the view can be compressed to show more statements on a single screen, or expanded to show the first part of the statement without the need to drill down to the detailed event view. In either case, the full SQL statement syntax can be viewed by displaying a statement in detail. See SQL Log details screen below.
|
|
|
|
|
Strategies for the iSeries SQL Audit
|
|
|
The SQL audit can be kept running all the time, or can be used to collect SQL commands for a limited period. Ongoing monitoring gives you the benefit of reviewing activity that has already taken place, whereas the latter approach keeps system overheads to a minimum, and is ideal for handling short-term investigations. The strategy adopted often depends on the intensity of activity in a company's systems. Compromise approaches include monitoring all activity, while purging the logged SQL statements frequently, and logging normal, mainly interactive activity during the day, while switching off the SQL monitor for the more IO-intensive processing of SQL tables via batch jobs at night.
|
|
|
The flexibility of Bsafe's iSeries SQL Audit is provided in the runtime parameters start time, end time, maximum events and delay interval, all of which can be set at the start of monitoring, or while the SQL monitor is running.
|
|
|
See also:
|
|
|
|
|
|
