Kisco Systems

Kisco U

System audit values for iEventMonitor features

Home : Kisco U : System audit values for iEventMonitor features

The system audit value QAUDLVL (or QAUDLVL2 depending on your system configuration) will be need to set for the various audit functions to work. Here is a list of the Audit Codes in iEventMonitor along with the system audit values that will cause them to be activated:

AD - Auditing changes - *SECURITY or *SECCFG
AF - Authority failures - *AUTFAIL
AX - Row and column access control - *SECURITY or *SECRUN
CD - Command line use for registered user profiles - Controlled by iEventMonitor, no system audit value needed
CP - User profiles changed, created or restored - *SECURITY or *SECCFG
DO - Object Deletes - *SECURITY or *DELETE set for individual object auditing
DS - DST password reset - *SECURITY or *SECCFG
EV - System environment variables - *SECURITY or *SECCFG
OW - Object ownership changes - *SECURITY, *SECDIRSRV, *SECRUN or *CHANGE set for individual object auditing
PS - Profile swaps - *SECURITY or *SECVFY
PW - Invalid passwords - *AUTFAIL
SK - Secure socket connections - *NETCMN, *NETFAIL, *NETSCK, *NETSECURE, *NETTELSVR or *NETUDP
SO - Server security user information actions - *SECURITY or *SECCFG
ST - Use of service tools - *SERVICE
SV - System value changes - *SECURITY or *SECCFG