Audit Journal Manager is a specialist utility for real-time monitoring, alerting, and reporting on the IBM i system audit journal, QAUDJRN—the key place for logging security-related events.
Systems administrators can define the type of events they want to monitor and Audit Journal Monitor will proactively monitor the journal for these events and automatically perform pre-defined actions.
Comprehensive filters can also be set up to ignore unimportant entries while escalating actions can be defined to draw your attention to critical events you need to know about.
You can also run customized reports based on specific audit criteria or use any of the 34 pre-supplied reports to get a detailed view of user activity with QAUDJRN.
You need to know when sensitive objects are created, deleted, restored, moved, or renamed and when ownership to that object or access rights are changed. These actions could be accidental…but they could also be intentional.
For example, a user might be attempting to access an object that they are not authorized to, such as the supplier master file. Audit Journal Manager can detect access attempts and authority failure and bring them to the right person’s immediate attention.
It also helps you keep an eye on user profile swapping and can analyze and monitor changes made to user profiles, such users changing their authority to *SECADM.
You can track changes to system values and quickly detect invalid sign on attempts, especially if this happens to be QSECOFR.