SAF-rule controlled auditing in effect, auditing possible

When SAF-rule controlled auditing is in effect, and auditing is to occur for the Db2® system, the actual decision on whether or not to create an audit log depends on the Db2® object name being processed.

Therefore, when you press Enter on the editor function entry panel, a check is made to see if auditing should occur for the current editor type (browse or edit) and the Db2® object name.

If the Create audit trail (*) option is set appropriately (that is, it matches the auditing requirement as specified in the relevant SAF rule), processing continues, the data is displayed, and audit records are written, or not, depending on the option selection.

If you have not selected the Create audit trail (*) option and auditing is required, the function entry panel is re-displayed with a message to indicate that auditing is required. You will not be able to process the object until the audit option is selected.

If you have selected the Create audit trail (*) option and auditing is not required, the function entry panel is re-displayed with a message to indicate that auditing is not required. You will not be able to process the object until the audit option is un-selected.

Note that both the previous scenarios assume that you do not have audit control access for the Db2® object in question. If you do have control level audit access for the Db2® object, the current value of the Create audit trail (*) option determines whether or not audit records are written.

Related references

• Editor Options (1 of 8) panel
• Db2 Edit panel
• Db2 View panel