Print Audit Log (PRTAUDLOG)

The Print Audit Log (PRTAUDLOG) command allows authorized users to print the Powertech Encryption for IBM i audit log entries. This command provides selection criteria of date and time ranges, audit types and user IDs.

How to Get There

From the Key Policy and Security Menu, choose option 20, Print Audit Log Report. Or, prompt (F4) the command CRYPTO/PRTAUDLOG.

Options

Start date (STRDATE)

Specify the starting date. All audit entries in the range from the starting date and time will be included in the report. The date should be specified in mmddyy or mmddccyy format, with or without date separators.

Start time (STRTIME)

Specify the starting time. All audit entries in the range from the starting date and time will be included in the report.

The time should be specified in 24-hour format, with or without a time separator.

End date (ENDDATE)

Specify the ending date. All audit entries in the range up to the ending date and time will be included in the report. The date should be specified in mmddyy or mmddccyy format, with or without date separators.

End time (ENDTIME)

Specify the ending time. All audit entries in the range up to the ending date and time will be included in the report.

The time should be specified in 24-hour format, with or without a time separator.

Journal entry type (JRNTYPE)

If the journal entry type parameter is left blank, then all Powertech Encryption for IBM i audit entries will be selected. Otherwise, if any journal entry types are entered, then only the entries which match those journal entry types will be selected.

You can specify up to 25 journal entry types to filter on.

Below is a list of Powertech Encryption for IBM i journal entry types.

01 - Key Policy setting(s) changed
02 - Key Officer added
03 - Key Officer changed
04 - Key Officer removed
05 - Master Key passphrase part loaded
06 - Master Key was Set
07 - Master Key cleared
08 - Key Store created
09 - Key Store translated
10 - Symmetric Key created
11 - Symmetric Key changed
12 - Symmetric Key copied
13 - Symmetric Key deleted
14 - Field Encryption Registry - Entry added
15 - Field Encryption Registry - Encryption Key changed
16 - Field Encryption Registry - Entry removed
17 - Field Encryption Registry - Entry activated
18 - Field Encryption Registry - Entry changed
19 - Field Encryption Registry - Entry deactivated
21 - Symmetric Key exported
22 - Field Encryption Registry - Unable to Activate Entry
23 - Field Encryption Registry - Unable to Deactivate Entry
24 - Field Encryption Registry - Entry copied
25 - Field Encryption Registry - SQL Triggers added to file
26 - Field Encryption Registry - SQL Triggers removed from fil
27 - Field Encryption Registry - Field keys translated
30 - Unable to encrypt/decrypt field using stored procedure
31 - Trigger exit program - Error occurred or return code of 'E'rror
32 - Trigger exit program - Return code of 'I'gnore
33 - Trigger exit program - Return code of 'P'rocess with message
34 - Unable to send Security Alert
35 - Alert added
36 - Alert changed
37 - Alert deleted
40 - Data encrypted with Key that requires logging
41 - Data decrypted with Key that requires logging
50 - Authority error
User profile (USERPRF)

Specify the user profile(s) to select in the audit log.

The possible values are:

user-profile-name
Specify the user profile name to select.
*ALL
All users will be selected.

Example

A formatted report will be generated with the audit log entries. For each audit entry printed, it will include the audit date, time, user, job name, job number, audit type and message.         

11/13/08 13:14:38    Powertech Encryption for IBM i Audit Log

 

Date Time Type User Job Name Job # System

---------- -------- ---- ---------- ---------- ------ --------

06/01/2008 15:21:01 06 MSMITH QPADEV0001 657766 PRD54

CRA0018 AUDIT: Key store PRODDATA/KS1 was created.

 

06/02/2008 15:22:35 10 MSMITH QPADEV0001 657766 PRD54

CRA0020 AUDIT: Key CREDIT_CARD_KEY created in Key Store PRODDATA/KS1.

06/03/2008 15:45:12 41 MARYJ QPADEV0006 657766 PRD54

CRA0043 AUDIT: Key SSN_KEY in PRODDATA/KS2 used to DECRYPT data. SSN for cust. 837626

06/03/2008 15:45:12 41 MARYJ QPADEV0006 657766 PRD54

CRA0043 AUDIT: Key BA_KEY in PRODDATA/KS2 used to DECRYPT data. Bank# for cust. 837626

06/03/2008 15:45:12 41 MARYJ QPADEV0006 657766 PRD54

CRA0043 AUDIT: Key CREDIT_CARD_KEY in PRODDATA/KS1 used to DECRYPT data. Credit Card

Number for cust. 837626

06/15/2008 09:33:58 05 JSCHMIT QPADEV0008 659540 PRD54

CRA0011 AUDIT: Master Key 1 passphrase part 1 loaded.

06/15/2008 09:34:09 05 JSCHMIT QPADEV0008 659540 PRD54

CRA0011 AUDIT: Master Key 1 passphrase part 2 loaded.

Report Example