SAF rules for auditing
When auditing is determined by SAF rules:
- Auditing can be specified to either your audit log data set, to SMF, or to both destinations.
- All File Manager functions which access data sets and MQ data may be subject to audit.
- It determines if the Create audit trail option is displayed on the Edit Entry panel and the WebSphere® MQ Queue Editor Entry panel.
For the File Manager functions which SAF-rule controlled auditing may be applied to, the SAF rules can be specified at a resource or function level allowing auditing at the FUNCTION, UPDATE, or ALL level. Auditing at the ALL level indicates that record reads and updates are recorded, UPDATE indicates only inserted, deleted, or changed records are recorded, while FUNCTION records only the event.