The SYSAUDITPOLICIES table contains one row for each audit policy.
The schema is SYSIBM.
A user with SECADM authority has the privilege to select from, insert, update, or delete from this catalog table.
A user with SQLADM, system DBADM, DATAACCESS, ACCESSCTRL, SYSCTRL or SYSADM authority has the privilege to select from this catalog table.
If a view is created on this catalog table, the DATAACCESS authority can perform insert, update, and delete on the view to indirectly insert, update, and delete
on the catalog table.
| Column name |
Data type |
Description |
Use |
| AUDITPOLICYNAME |
VARCHAR(128)
NOT NULL |
Name of the audit policy. The name must be an identifier of 1 to 128 characters and must begin with a letter.
Any other values result in an error being returned when audit policy is started. |
G |
| OBJECTSCHEMA |
VARCHAR(128)
NOT NULL
WITH DEFAULT |
Schema of the audited object.
The object schema only applies to categories, OBJMAINT and EXECUTE. |
G |
| OBJECTNAME |
VARCHAR(128)
NOT NULL
WITH DEFAULT |
Name of the object. The object name only applies to categories, OBJMAINT and EXECUTE.
Object name can be specified using an SQL LIKE predicate.
If the object name is specified using an SQL LIKE predicate, it has to be specified as a delimited identifier.
The escape character to be used for the SQL LIKE predicate is obtained from RGFESCP subsystem parameter.
If not specified, the default escape character is '+'. |
G |
| OBJECTTYPE |
CHAR(1)
NOT NULL
WITH DEFAULT |
Type of the object.
- C
- Clone table
- P
- Implicit table created for XML columns
- T
- Table
- blank
- All of the above object types
- All other values
- Error when audit policy is started
The object type only applies to categories, OBJMAINT and EXECUTE |
G |
| CREATEDTS |
TIMESTAMP
NOT NULL
WITH DEFAULT |
The time when the row was inserted. |
G |
| ALTEREDTS |
TIMESTAMP
NOT NULL
WITH DEFAULT |
The time when the row was last updated. |
G |
| CHECKING |
CHAR(1)
NOT NULL
WITH DEFAULT |
Indicates if authorization and authentication failures are audited:
- A
- Audit all failures (Authorization and authentication failures)
- blank
- Audit none
- All other values
- Error when audit policy is started
|
G |
| VALIDATE |
CHAR(1)
NOT NULL
WITH DEFAULT |
Indicates if auditing is enabled for when a trusted connection is established or used by a different user:
- A
- Audit all
- blank
- Audit none
- All other values
- Error when audit policy is started
|
G |
| OBJMAINT |
CHAR(1)
NOT NULL
WITH DEFAULT |
Indicates if auditing is enabled for when the table that is identified by OBJECTSCHEMA, OBJECTNAME, and OBJECTTYPE columns is altered or dropped:
- A
- Audit when the specified table is altered or dropped
- blank
- Audit none
- All other values
- Error when audit policy is started
|
G |
| EXECUTE |
CHAR(1)
NOT NULL
WITH DEFAULT |
Indicates if auditing is enabled for when the table identified that is by the OBJECTSCHEMA, OBJECTNAME, and OBJECTTYPE columns is accessed during
the first operation performed by each unit of work.
Also, records bind time information about SQL statements that involve tables that are identified by the OBJECTSCHEMA, OBJECTNAME, and OBJECTTYPE.
- A
- Audit when the specified table is accessed during the first operation of any kind performed by each unit of work of a utility or application process.
- C
- Audit when the specified table is accessed during the first insert, update, or delete operation performed by each unit of work.
- blank
- Audit none
- All other values
- Error when audit policy is started
|
G |
| CONTEXT |
CHAR(1)
NOT NULL
WITH DEFAULT |
Indicates if auditing is enabled for the start of a utility, a change to a utility object or phase, and the end of utility:
- A
- Audit all utilities
- blank
- Audit none
- All other values
- Error when audit policy is started
|
G |
| SECMAINT |
CHAR(1)
NOT NULL
WITH DEFAULT |
Indicates if auditing is enabled for when a grant or revoke is made or a trusted context is created or altered:
- A
- Audit all
- blank
- Audit none
- All other values
- Error when audit policy is started
|
G |
| SYSADMIN |
VARCHAR(128)
NOT NULL
WITH DEFAULT |
Indicates if auditing is enabled for when an operation is performed using an administrative authority to perform system administration tasks:
- blank
- Audit none
- *
- Audit all the authorities
- I
- Installation SYSADM
- L
- SYSCTRL
- O
- SYSOPR
- R
- Installation SYSOPR
- S
- SYSADM
- All other values
- Error when audit policy is started
The value of SYSADMIN can be a concatenated string of all supported values.
For example, 'LOS' would indicate auditing of any operation that is performed using the administrative authorities:
SYSCTRL, SYSOPR, and SYSADM. Multiple occurrences of a value are ignored. |
G |
| DBADMIN |
VARCHAR(128)
NOT NULL
WITH DEFAULT |
Indicates if auditing is enabled for when an operation is performed using an administrative authority to perform database administration tasks:
- blank
- Audit none
- *
- Audit all the authorities
- B
- System DBADM
- C
- DBCTRL
- D
- DBADM
- E
- SECADM
- G
- ACCESSCTRL
- K
- SQLADM
- M
- DBMAINT
- P
- PACKADM
- T
- DATAACCESS
- All other values
- Error when audit policy is started
The value of DBADMIN can be a concatenated string of all supported values.
For example, 'BMP' would indicate auditing of any operation that is performed using the administrative authorities:
System DBADM, DBMAINT, and PACKADM.
Multiple occurrences of a value are ignored. |
G |
| DBNAME |
VARCHAR(24)
NOT NULL
WITH DEFAULT |
Database name.
The database name can be used to specify the database for auditing DBADM, DBCTRL, and DBMAINT authorities.
If the database name is not specified, then all the databases, including implicit databases are audited.
If the database name is specified, it only applies to DBADM, DBCTRL, and DBMAINT authorities in category, DBADMIN. |
G |
| COLLID |
VARCHAR(128)
NOT NULL
WITH DEFAULT |
Name of the package collection. The package collection can be used to specify the collection name for auditing PACKADM authority.
If specified, all packages in that collection are audited.
If the collection name is not specified, packages in all collections are audited. If the package collection is specified, it only applies to PACKADM authority
in category, DBADMIN. |
G |
| DB2START |
CHAR(1)
NOT NULL
WITH DEFAULT |
Indicates if audit policies are to be started automatically during Db2 start up. Up to 8 audit policies can be specified.
- Y
- Audit policy will be started automatically during Db2 startup.
- S
- Audit policy will be started automatically during Db2 startup. The audit policy can be stopped only by a user with SECADM authority.
- N
- Audit policy will not be started automatically during Db2 startup.
|
G |
| IBMREQD |
CHAR(1)
NOT NULL |
A value of Y indicates that the row came from the basic machine-readable material (MRM) tape.
For all other values, see Release dependency indicators.
The value in this field is not a reliable indicator of release dependencies. |
G |
| SYS_START |
TIMESTAMP(12)
NOT NULL
GENERATED ALWAYS
AS ROW BEGIN |
Reserved for future IBM® use. |
G |
| SYS_END |
TIMESTAMP(12)
NOT NULL
GENERATED ALWAYS
AS ROW END |
Reserved for future IBM use. |
G |
| TRANS_START |
TIMESTAMP(12)
NOT NULL
GENERATED ALWAYS
AS TRANSACTION
START ID |
Reserved for future IBM use. |
G |
