Symantec Enterprise Security Manager IBM DB2 Modules User Guide for Windows and UNIX. Version 4.6

Similar documents
Symantec Enterprise Security Manager IBM DB2 Modules User Guide for Windows and UNIX. Version 4.2

Symantec Enterprise Security Manager Modules for IBM DB2 Databases (Windows) User s Guide 3.0. Release for Symantec ESM 6.5.x and 9.

Symantec Enterprise Security Manager Baseline Policy Manual for CIS Benchmark. For Red Hat Enterprise Linux 5

Symantec Enterprise Security Manager Modules for Oracle Release Notes

Symantec Enterprise Security Manager Baseline Policy Manual for CIS Benchmark. AIX 5.3 and 6.1

Symantec Enterprise Security Manager Baseline Policy Manual for Security Essentials. Solaris 10

Altiris Software Management Solution 7.1 from Symantec User Guide

Configuring Symantec. device

Veritas CommandCentral Enterprise Reporter Release Notes

Security Content Update Release Notes for CCS 12.x

Configuring Symantec Protection Engine for Network Attached Storage for Hitachi Unified and NAS Platforms

Symantec Encryption Management Server and Symantec Data Loss Prevention. Integration Guide

Symantec NetBackup Vault Operator's Guide

IM: Symantec Security Information Manager Patch 4 Resolved Issues

Symantec Enterprise Vault Technical Note

Altiris Client Management Suite 7.1 from Symantec User Guide

Configuring Symantec AntiVirus for BlueArc Storage System

Symantec Security Information Manager FIPS Operational Mode Guide

Symantec Workflow Solution 7.1 MP1 Installation and Configuration Guide

Veritas Storage Foundation and High Availability Solutions Getting Started Guide

Veritas Cluster Server Application Note: High Availability for BlackBerry Enterprise Server

Symantec NetBackup for Lotus Notes Administrator's Guide. Release 7.6

Symantec Enterprise Security Manager Modules for Microsoft SQL Server Databases Release Notes. Release 2.1 for Symantec ESM 6.0, 6.1, and 6.5.

Symantec Endpoint Protection Integration Component User's Guide. Version 7.0

Veritas Operations Manager Storage Insight Add-on for Deep Array Discovery and Mapping 4.0 User's Guide

Veritas Desktop and Laptop Option 9.2. Disaster Recovery Scenarios

Symantec Enterprise Security Manager JRE Vulnerability Fix Update Guide

Security Content Update Release Notes. Versions: CCS 11.1 and CCS 11.5

Veritas Dynamic Multi-Pathing readme

Altiris IT Analytics Solution 7.1 from Symantec User Guide

Veritas Storage Foundation and High Availability Solutions Getting Started Guide

PGP Viewer for ios. Administrator s Guide 1.0

Veritas System Recovery 18 Linux Edition: Quick Installation Guide

Symantec ApplicationHA Release Notes

Symantec Enterprise Vault

Symantec NetBackup Appliance Fibre Channel Guide

Symantec Enterprise Vault Technical Note

Symantec Enterprise Security Manager Microsoft SQL Modules User Guide. Version 4.1.2

Veritas Storage Foundation and High Availability Solutions HA and Disaster Recovery Solutions Guide for Microsoft SharePoint Server

Symantec Backup Exec System Recovery Granular Restore Option User's Guide

PGP Viewer for ios. User s Guide 1.0

Veritas SaaS Backup for Office 365

Symantec ServiceDesk 7.1 SP1 Implementation Guide

Symantec PGP Viewer for ios

Veritas SaaS Backup for Salesforce

Veritas Desktop and Laptop Option 9.2. High Availability (HA) with DLO

Symantec Endpoint Encryption Full Disk Maintenance Pack Release Notes

Veritas Backup Exec Migration Assistant

Symantec Enterprise Vault Technical Note

Veritas Storage Foundation and High Availability Solutions Application Note: Support for HP-UX Integrity Virtual Machines

Veritas Cluster Server Library Management Pack Guide for Microsoft System Center Operations Manager 2007

Veritas Disaster Recovery Advisor Release Notes

NetBackup Copilot for Oracle Configuration Guide. Release 2.7.1

Symantec Encryption Desktop Version 10.2 for Mac OS X Release Notes. About Symantec Encryption Desktop

Symantec Enterprise Security Manager Patch Policy Release Notes

Symantec NetBackup OpsCenter Reporting Guide. Release 7.7

Symantec NetBackup for Enterprise Vault Agent Administrator's Guide

Symantec Enterprise Security Manager Patch Policy Release Notes

Symantec Enterprise Security Manager Patch Policy Release Notes

PGP(TM) Universal Server Version 3.2 Maintenance Pack Release Notes

Symantec Control Compliance Suite Express Security Content Update for JBoss Enterprise Application Platform 6.3. Release Notes

Veritas NetBackup Copilot for Oracle Configuration Guide. Release 2.7.2

Symantec Control Compliance Suite Express Security Content Update for Microsoft Windows Server 2008 R2 (CIS Benchmark 2.1.

Symantec Data Loss Prevention System Maintenance Guide. Version 14.0

Symantec Disaster Recovery Advisor Release Notes

Symantec System Recovery 2013 R2 Management Solution Administrator's Guide

Symantec Corporation NetBackup for Microsoft Exchange Server Administrator s Guide

Veritas System Recovery 18 Management Solution Administrator's Guide

Altiris PC Transplant 6.8 SP4 from Symantec User Guide

Symantec Enterprise Security Manager Patch Policy Release Notes

Security Content Update Release Notes. Versions: CCS 11.1.x and CCS 11.5.x

PGP Desktop Version 10.2 for Windows Maintenance Pack Release Notes

Veritas Storage Foundation and High Availability Solutions HA and Disaster Recovery Solutions Guide for Enterprise Vault

Symantec NetBackup for Enterprise Vault Agent Administrator's Guide

Veritas Storage Foundation and High Availability Solutions Getting Started Guide - Linux

Veritas Storage Foundation and High Availability Solutions Application Note: Support for HP-UX Integrity Virtual Machines

Symantec ApplicationHA Agent for Microsoft Internet Information Services (IIS) Configuration Guide

Veritas Storage Foundation Add-on for Storage Provisioning User's Guide. 4.0 Release Update 1

Veritas Cluster Server Database Agent for Microsoft SQL Configuration Guide

Veritas NetBackup for SQLite Administrator's Guide

Symantec Control Compliance Suite Getting Started Guide. Version: 11.0

Veritas Dynamic Multi-Pathing for Windows Release Notes

Symantec NetBackup for Microsoft Exchange Server Administrator s Guide

Symantec Enterprise Vault

Symantec ServiceDesk 7.1 SP2 Portal User Guide

Veritas Storage Foundation and High Availability Solutions Microsoft Clustering Solutions Guide for Microsoft Exchange 2007

Symantec Enterprise Security Manager Modules for Sybase Adaptive Server Enterprise User s Guide

Veritas System Recovery 16 Management Solution Administrator's Guide

Symantec ApplicationHA Agent for Microsoft SQL Server 2008 and 2008 R2 Configuration Guide

Symantec Enterprise Security Manager Patch Policy Release Notes

Symantec NetBackup for DB2 Administrator's Guide

PGP(TM) Universal Server Version 3.2 Maintenance Pack Release Notes

Veritas Enterprise Vault. NSF Migration

Symantec NetBackup Plug-in for VMware vsphere Web Client Guide. Release 7.6.1

Symantec Patch Management Solution for Windows 8.5 powered by Altiris technology User Guide

Wise Mobile Device Package Editor Reference

Symantec Mobile Management 7.1 Implementation Guide

Symantec Enterprise Security Manager User Guide. Version 10.0

Symantec NetBackup PureDisk Storage Pool Installation Guide

Symantec NetBackup OpsCenter 7.6 Performance

Transcription:

Symantec Enterprise Security Manager IBM DB2 Modules User Guide for Windows and UNIX Version 4.6

Symantec Enterprise Security Manager IBM DB2 Modules User Guide The software described in this book is furnished under a license agreement and may be used only in accordance with the terms of the agreement. Documentation version: 4.6 Legal Notice Copyright 2017 Symantec Corporation. All rights reserved. Symantec and the Symantec Logo, ActiveAdmin, BindView, BV-Control, and LiveUpdate are trademarks or registered trademarks of Symantec Corporation or its affiliates in the U.S. and other countries. Other names may be trademarks of their respective owners. This Symantec product may contain third party software for which Symantec is required to provide attribution to the third party ( Third Party Programs ). Some of the Third Party Programs are available under open source or free software licenses. The License Agreement accompanying the Software does not alter any rights or obligations you may have under those open source or free software licenses. Please see the Third Party Legal Notice Appendix to this Documentation or TPIP ReadMe File accompanying this Symantec product for more information on the Third Party Programs. The product described in this document is distributed under licenses restricting its use, copying, distribution, and decompilation/reverse engineering. No part of this document may be reproduced in any form by any means without prior written authorization of Symantec Corporation and its licensors, if any. THE DOCUMENTATION IS PROVED "AS IS" AND ALL EXPRESS OR IMPLIED CONDITIONS, REPRESENTATIONS AND WARRANTIES, INCLUDING ANY IMPLIED WARRANTY OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT, ARE DISCLAIMED, EXCEPT TO THE EXTENT THAT SUCH DISCLAIMERS ARE HELD TO BE LEGALLY INVAL. SYMANTEC CORPORATION SHALL NOT BE LIABLE FOR INCENTAL OR CONSEQUENTIAL DAMAGES IN CONNECTION WITH THE FURNISHING, PERFORMANCE, OR USE OF THIS DOCUMENTATION. THE INFORMATION CONTAINED IN THIS DOCUMENTATION IS SUBJECT TO CHANGE WITHOUT NOTICE. The Licensed Software and Documentation are deemed to be commercial computer software as defined in FAR 12.212 and subject to restricted rights as defined in FAR Section 52.227-19 "Commercial Computer Software - Restricted Rights" and DFARS 227.7202, "Rights in Commercial Computer Software or Commercial Computer Software Documentation", as applicable, and any successor regulations. Any use, modification, reproduction release, performance, display or disclosure of the Licensed Software and Documentation by the U.S. Government shall be solely in accordance with the terms of this Agreement.

Symantec Corporation 350 Ellis Street Mountain View, CA 94043 http://www.symantec.com

Technical Support Contacting Technical Support Symantec Technical Support maintains support centers globally. Technical Support s primary role is to respond to specific queries about product features and functionality. The Technical Support group also creates content for our online Knowledge Base. The Technical Support group works collaboratively with the other functional areas within Symantec to answer your questions in a timely fashion. For example, the Technical Support group works with Product Engineering and Symantec Security Response to provide alerting services and virus definition updates. Symantec s support offerings include the following: A range of support options that give you the flexibility to select the right amount of service for any size organization Telephone and/or Web-based support that provides rapid response and up-to-the-minute information Upgrade assurance that delivers software upgrades Global support purchased on a regional business hours or 24 hours a day, 7 days a week basis Premium service offerings that include Account Management Services For information about Symantec s support offerings, you can visit our website at the following URL: www.symantec.com/business/support/ All support services will be delivered in accordance with your support agreement and the then-current enterprise technical support policy. Customers with a current support agreement may access Technical Support information at the following URL: www.symantec.com/business/support/ Before contacting Technical Support, make sure you have satisfied the system requirements that are listed in your product documentation. Also, you should be at the computer on which the problem occurred, in case it is necessary to replicate the problem. When you contact Technical Support, please have the following information available: Product release level Hardware information

Available memory, disk space, and NIC information Operating system Version and patch level Network topology Licensing and registration Customer service Router, gateway, and IP address information Problem description: Error messages and log files Troubleshooting that was performed before contacting Symantec Recent software configuration changes and network changes If your Symantec product requires registration or a license key, access our technical support Web page at the following URL: www.symantec.com/business/support/ Customer service information is available at the following URL: www.symantec.com/business/support/ Customer Service is available to assist with non-technical questions, such as the following types of issues: Questions regarding product licensing or serialization Product registration updates, such as address or name changes General product information (features, language availability, local dealers) Latest information about product updates and upgrades about upgrade assurance and support contracts about the Symantec Buying Programs Advice about Symantec's technical support options Nontechnical presales questions Issues that are related to CD-ROMs, DVDs, or manuals

Support agreement resources If you want to contact Symantec regarding an existing support agreement, please contact the support agreement administration team for your region as follows: Asia-Pacific and Japan Europe, Middle-East, and Africa North America and Latin America customercare_apac@symantec.com semea@symantec.com supportsolutions@symantec.com

Contents Technical Support... 4 Chapter 1 Introducing Symantec ESM Modules for IBM DB2 Databases... 14 About the Symantec ESM Modules for IBM DB2 Databases... 14 About creating a baseline snapshot... 15 What you can do with ESM DB2 modules... 15 Where you can get more information... 16 Chapter 2 Understanding the ESM DB2 Modules... 17 About the ESM DB2 Audit Configuration module... 17 Auditing Enabled (Windows and UNIX)... 17 DB2 Copies or Instances (Windows)... 18 DB2 Instances (UNIX)... 18 Report Instances (Windows)... 18 Event Types (Windows and UNIX)... 18 Audit Failure Events (Windows and UNIX)... 19 Audit Success Events (Windows and UNIX)... 20 Audit Database Events (Windows and UNIX)... 21 Auditing Related Events (Windows and UNIX)... 22 Checking Events (Windows and UNIX)... 24 Object Maintenance Events (Windows and UNIX)... 26 Security Maintenance Events (Windows and UNIX)... 28 System Administrator Events (Windows and UNIX)... 30 Validate Events (Windows and UNIX)... 32 Context Events (Windows and UNIX)... 34 Error Handling Facility (Windows and UNIX)... 36 Audit Miscellaneous Events (Windows and UNIX)... 37 Instance Startup And Shutdown (Windows and UNIX)... 37 Changes To Configuration Parameters (Windows and UNIX)... 39 Database Activation And Deactivation (Windows and UNIX)... 40 Use Of SYSADM,DBADM,SYSCTRL,SYSMAINT (Windows and UNIX)... 42 Attempted Access To Restricted Objects (Windows and UNIX)... 44

Contents 8 Access To Sensitive Objects and/or Tables (Windows and UNIX)... 46 Unsuccessful Connection Attempts (Windows and UNIX)... 48 Administrative Functions Performed (Windows and UNIX)... 50 Other Audit Settings (Windows and UNIX)... 52 Audit Archive Path (Windows and UNIX)... 53 Audit Data Path (Windows and UNIX)... 53 Audit Configuration Settings (Windows and UNIX)... 54 About the ESM DB2 Discovery module... 55 Automatically Add New Database (UNIX)... 55 Automatically Add New Database (Windows)... 56 Automatically Add New Instance (UNIX)... 57 Automatically Remove Deleted Database (Windows and UNIX)... 58 Automatically Remove Deleted Instance (UNIX)... 59 Detect Deleted Database (Windows and UNIX)... 59 Detect Deleted Instance (UNIX)... 60 Detect New Database (Windows and UNIX)... 61 Detect New Instance (UNIX)... 61 About the ESM DB2 Fix Packs module... 62 DB2 Copies (Windows)... 62 DB2 Instances (UNIX)... 62 Installed Fix Packs (Windows and UNIX)... 63 Template files (Windows and UNIX)... 63 About the ESM DB2 Remote module... 65 DB2 Database Aliases (Windows and UNIX)... 65 Unauthorized Group Set in System Administrator Authority (Windows and UNIX)... 65 Unauthorized Group Set in System Control Authority (Windows and UNIX)... 66 Unauthorized Group Set in System Maintenance Authority (Windows and UNIX)... 67 Unauthorized Group/User in BINDADD Database Privilege (Windows and UNIX)... 67 Unauthorized Group/User in CONNECT Database Privilege (Windows and UNIX)... 68 Unauthorized Group/User in CREATETAB Database Privilege (Windows and UNIX)... 69 Unauthorized Group/User in CREATE_NOT_FENCED Database Privilege (Windows and UNIX)... 69 Unauthorized Group/User in Database Administrator Authority (Windows and UNIX)... 70

Contents 9 Unauthorized Group/User in IMPLICT_SCHEMA Database Privilege (Windows and UNIX)... 71 Unauthorized Group/User in LOAD Authority (Windows and UNIX)... 71 Unauthorized Group/User in CREATE_EXTERNAL_ROUTINE authority (Windows and UNIX)... 72 Authentication from the Server (Windows and UNIX)... 73 DB2 Version and OS (Windows and UNIX)... 73 Server Discovery Mode (Windows and UNIX)... 74 Instance Discovery Mode (Windows and UNIX)... 74 Database Discovery Mode (Windows and UNIX)... 75 New Group/User in Database Administrator Authority (Windows and UNIX)... 75 Deleted Group/User in Database Administrator Authority (Windows and UNIX)... 76 Modified Group/User in Database Administrator Authority (Windows and UNIX)... 77 New Group/User in CONNECT Database Privilege (Windows and UNIX)... 77 Deleted Group/User in CONNECT Database Privilege (Windows and UNIX)... 78 Modified Group/User in CONNECT Database Privilege (Windows and UNIX)... 79 New Group/User in BINDADD Database Privilege (Windows and UNIX)... 79 Deleted Group/User in BINDADD Database Privilege (Windows and UNIX)... 80 Modified Group/User in BINDADD Database Privilege (Windows and UNIX)... 81 New Group/User in CREATETAB Database Privilege (Windows and UNIX)... 81 Deleted Group/User in CREATETAB Database Privilege (Windows and UNIX)... 82 Modified Group/User in CREATETAB Database Privilege (Windows and UNIX)... 83 New Group/User in IMPLICIT_SCHEMA Database Privilege (Windows and UNIX)... 83 Deleted Group/User in IMPLICIT_SCHEMA Database Privilege (Windows and UNIX)... 84 Modified Group/User in IMPLICIT_SCHEMA Database Privilege (Windows and UNIX)... 85 New Group/User in LOAD Authority (Windows and UNIX)... 85

Contents 10 Deleted Group/User in LOAD Authority (Windows and UNIX)... 86 Modified Group/User in LOAD Authority (Windows and UNIX)... 86 New Group/User in CREATE_NOT_FENCED Database Privilege (Windows and UNIX)... 87 Deleted Group/User in CREATE_NOT_FENCED Database Privilege (Windows and UNIX)... 88 Modified Group/User in CREATE_NOT_FENCED Database Privilege (Windows and UNIX)... 88 New Group/User in the CREATE_EXTERNAL_ROUTINE Authority (Windows and UNIX)... 89 Deleted Group/User in CREATE_EXTERNAL_ROUTINE Authority (Windows and UNIX)... 90 Modified Group/User in CREATE_EXTERNAL_ROUTINE Authority (Windows and UNIX)... 90 Objects with nicknames (Windows and UNIX)... 91 Objects not owned by Orphan (Windows and UNIX)... 92 About the ESM DB2 System module... 92 DB2 Instances (Windows and UNIX)... 93 Database folder on system partition (Windows and UNIX)... 93 Instance folder on system partition (Windows and UNIX)... 93 Database log folder on system partition (Windows and UNIX)... 94 SSL is Disabled (Windows and UNIX)... 94 Node catalogued by using hostname Windows and UNIX... 95 DB2 directory and file permissions (Windows and UNIX)... 95 Database containers (Windows)... 96 Database containers (UNIX)... 97 Default database path (Windows)... 97 Default database path (UNIX)... 98 Permission on default database path (Windows)... 99 Permission on default database path (UNIX)... 101 Archive log path (Windows)... 103 Archive log path (UNIX)... 104 Permission on archive log path (Windows)... 105 Permission on archive log path (UNIX)... 107 Secondary archive log path (Windows)... 109 Secondary archive log path (UNIX)... 111 Permission on secondary archive log path (Windows)... 112 Permission on secondary archive log path (UNIX)... 114 Tertiary archive log path (Windows)... 116 Tertiary archive log path (UNIX)... 118

Contents 11 Permission on tertiary archive log path (Windows)... 119 Permission on tertiary archive log path (UNIX)... 121 Mirrored log path (Windows)... 123 Mirrored log path (UNIX)... 125 Permission on mirrored log path (Windows)... 126 Permission on diagnostic path (Windows)... 128 Permission on diagnostic path (UNIX)... 131 Minimum JDK version (Windows and UNIX)... 133 Permission on JDK runtime library path (Windows)... 134 Permission on JDK runtime library path (UNIX)... 136 Database Path Template files (UNIX)... 138 User ownership (UNIX)... 139 Group ownership (UNIX)... 140 Permissions (UNIX)... 141 About the ESM DB2 Privileges module... 142 DB2 Instances (Windows and UNIX)... 142 View Privileges (Windows and UNIX)... 142 Grantee with the WITH ADMIN or GRANT option (Windows and UNIX)... 145 Unauthorized Grantees in Database Authority (Windows and UNIX)... 146 Tablespace Privileges (Windows and UNIX)... 147 Table Privileges (Windows and UNIX)... 149 Role Members (Windows and UNIX)... 152 Routine Privileges (Windows and UNIX)... 153 Nickname Privileges (Windows and UNIX)... 156 Privileges of PUBLIC group (Windows and UNIX)... 159 Column Privileges (Windows and UNIX)... 160 Schema Privileges (Windows and UNIX)... 163 Maximum reported messages (Windows and UNIX)... 166 Schema Names (Windows and UNIX)... 166 About the ESM DB2 Configuration module... 167 DB2 Instances (Windows and UNIX)... 167 Database Manager Configuration (Windows and UNIX)... 167 Database Configuration (Windows and UNIX)... 168 Admin Configuration (Windows and UNIX)... 169 Fenced user (UNIX)... 171 DB2 sysctrl or sysmaint group is set as sysadm group (Windows and UNIX)... 172 Default databases (Windows and UNIX)... 173 Unauthorized members in dasadm group (Windows and UNIX)... 174

Contents 12 Unauthorized members in DB2 system groups (Windows and UNIX)... 174 Is SYSADM group the DB2 Instance owner (UNIX)... 176 Chapter 3 Working with the DB2 templates... 177 About the DB2 Authorities template... 179 Creating the DB2 Authorities template... 179 About using the DB2 Authorities template... 180 About the DB2 Database Manager Config Params template... 184 Creating the DB2 Database Manager Config Params template... 185 About using the DB2 Database Manager Config Params template... 185 About the DB2 Fix Packs template... 190 Creating the DB2 Fix Packs template... 191 About using the DB2 Fix Packs template... 191 About the DB2 Admin Config Params template... 193 Creating the DB2 Admin Config Params template... 194 About using the DB2 Admin Config Params template... 194 About the DB2 Database Config Params template... 199 Creating the DB2 Database Config Params template... 200 About using the DB2 Database Config Param template... 200 About the DB2 View Privileges template... 205 Creating the DB2 View Privileges template... 206 About using the DB2 View Privileges template... 206 About the DB2 Tablespace Privileges template... 209 Creating the DB2 Tablespace Privileges template... 210 About using the DB2 Tablespace Privileges template... 210 About the DB2 Table Privileges template... 213 Creating the DB2 Table Privileges template... 213 About using the DB2 Table Privileges template... 213 About the DB2 Role Members template... 216 Creating the DB2 Role Members template... 216 About using the DB2 Role Members template... 217 About the DB2 Routine Privileges template... 218 Creating the DB2 Routine Privileges template... 218 About using the DB2 Routine Privileges template... 219 About the DB2 Nickname Privileges template... 222 Creating the DB2 Nickname Privileges template... 222 About using the DB2 Nickname Privileges template... 222 About the DB2 System Authority Groups template... 225 Creating the DB2 System Authority Groups template... 225 About using the DB2 System Authority Groups template... 226

Contents 13 About the DB2 Column Privileges template... 227 Creating the DB2 Column Privileges template... 227 About using the DB2 Column Privileges template... 228 About the DB2 Schema Privileges template... 231 Creating the DB2 Schema Privileges template... 231 About using the DB2 Schema Privileges template... 231 About the DB2 Audit Settings template... 234 Creating the DB2 Audit Settings template... 234 About using the DB2 Audit Settings template... 234 About the DB2 Database File Permissions template... 236 Creating the DB2 Database File Permissions template... 236 About using the DB2 Database File Permissions template... 237 Chapter 4 Troubleshooting DB2 Modules on Windows... 240 Encryption exception... 240 ESM DB2 Remote module errors... 241 Chapter 5 Troubleshooting DB2 Modules on UNIX... 242 Encryption exception... 242 ESM DB2 Audit Configuration errors... 243 ESM DB2 Remote module errors... 243

Chapter 1 Introducing Symantec ESM Modules for IBM DB2 Databases This chapter includes the following topics: About the Symantec ESM Modules for IBM DB2 Databases About creating a baseline snapshot What you can do with ESM DB2 modules Where you can get more information About the Symantec ESM Modules for IBM DB2 Databases Symantec Enterprise Security Manager (ESM) Modules for IBM DB2 Databases extends Symantec ESM beyond securing the operating system to securing mission-critical e-business components. These modules protect IBM DB2 Databases from known security vulnerabilities. The modules introduce new, database-specific executables and content, including modules to check audit configuration, fix packs, authentication methods, current DB2 version and Unauthorized Authorities or privileges. Working within the framework of Symantec ESM, the industry's most comprehensive solution for discovering security vulnerabilities, Symantec ESM Modules for IBM DB2 Databases eases the administrative burden of measuring the effectiveness of enterprise security policies and enforcing compliance.

Introducing Symantec ESM Modules for IBM DB2 Databases About creating a baseline snapshot 15 This product installs on Windows Server 2003, Windows 2008, Solaris SPARC, IBM AIX, and Red Hat Enterprise Linux servers. With these modules, Symantec ESM's centralized security scanning and integrated reporting capabilities can be used to automate security evaluations and policy enforcement for any IBM DB2 9.5, 9.7 and 10.1 databases that runs on your network. About creating a baseline snapshot To establish a baseline for ESM DB2 module security checks, create a new ESM DB2 remote policy with snapshot-related checks enabled. Running this policy creates snapshots of the current account information that you can update when you run checks for new, deleted, or modified information. Run the module one time to create the snapshots, then rerun the module to detect changes between policy runs. After running a policy, to update the snapshots directly from messages in the Policy Run report, do one of the following: Right-click on a modified message Right-click on a deleted message Right-click on a new report message What you can do with ESM DB2 modules You can use Symantec ESM modules to report on the compliance of the your computer's security policies. You can use Symantec ESM Modules for IBM DB2 Databases in the same way that you use other Symantec ESM modules: Configure the application module to report on the IBM DB2 instances and databases Create a Symantec ESM policy using one or more DB2 modules Configure the new policy Configure applicable templates Run the policy Review the policy run results to compare the results with the your Enterprise security policies. The ESM DB2 Remote module uses the configuration information that is stored in the /esm/config/db2module.dat file on UNIX and

Introducing Symantec ESM Modules for IBM DB2 Databases Where you can get more information 16 <Installation_directory>\Program Files\Symantec\Enterprise Security Manager\ESM\config\DB2Module.dat on Windows. Where you can get more information See Using policies, templates, snapshots, and modules in the latest version of your Symantec Enterprise Security User s Guide and Reviewing policies, modules, and messages in the latest version of your Symantec ESM Security Update User s Guide for more information about Symantec ESM modules. For more information on Symantec ESM Security Updates see Symantec Enterprise Security User s Guide. For more information on Symantec ESM, Symantec ESM Security Updates, and Symantec ESM support for database products, see the Symantec Security Response Web site at http://securityresponse.symantec.com

Chapter 2 Understanding the ESM DB2 Modules This chapter includes the following topics: About the ESM DB2 Audit Configuration module About the ESM DB2 Discovery module About the ESM DB2 Fix Packs module About the ESM DB2 Remote module About the ESM DB2 System module About the ESM DB2 Privileges module About the ESM DB2 Configuration module About the ESM DB2 Audit Configuration module The ESM DB2 Audit Configuration module searches for the audit configuration for the IBM DB2 databases in the ESM agent computer. Auditing Enabled (Windows and UNIX) This check reports whether auditing is enabled on the IBM DB2 instances. The following table lists the message for the check.

About the ESM DB2 Audit Configuration module 18 Table 2-1 Message for Auditing Enabled Message String String : ESM_AUDIT_ACTIVE UNIX (236631) (238031) (238631) (238631) Title: DB2 Audit Status : Auditing is not active for the databases. The logs will not be generated for any events Severity: red-4 Correctable: Format: [DB2 Audit Configuration is not active. The events will not be audited] DB2 Copies or Instances (Windows) By default, the module examines all the database copies or instances that were configured during the DB2 installation. This check lets you include or exclude the database copies or instances that the module reports on. Use the name list in this option to include or exclude the database copies or instances. Use the name list to specify DB2V8 to include or exclude DB2 version 8. DB2 Instances (UNIX) The check examines all the databases that were configured during the ESM DB2 installation, by default. Use the name list in this option to specify the instances that are to be included or excluded. Report Instances (Windows) The check reports the examined databases that were configured during the ESM DB2 installation. Use this option to specify if DB2 instances are to be reported. Event Types (Windows and UNIX) The checks that are included in the Events Types group let you specify which types of events you want to audit. You can also specify whether only successful or failed events, or both, should be logged.

About the ESM DB2 Audit Configuration module 19 The following table lists the message for the check. Table 2-2 Message for Event Types Message String String : ESM_NO_ COMPARISON _SPECIFIED Category: ESM Error UNIX (236651) (238051) (238651) (238651) Title: Comparison type not specified : Enable Audit checks Severity: red-4 Correctable: Audit Failure Events (Windows and UNIX) This check reports whether the IBM DB2 databases logs error events are audited. This check is not supported on the IBM DB2 database version 9.5 and 9.7. The following table lists the messages for the check. Table 2-3 Messages for Audit Failure Events Message String String : ESM_LOG_DB2ERROR UNIX (236632) (238032) (238632) (238632) Title: Audit Failure Events : DB2 does not log error events Severity: red-4 Correctable: Format: [DB2 does not log error events]

About the ESM DB2 Audit Configuration module 20 Table 2-3 Messages for Audit Failure Events (continued) Message String String : ESM_LOG_ ERROR_WARNING UNIX (236653) (238053) (238653) (238653) Title: Audit Failure Events : The setting for auditing failure events is enabled but Auditing is not active. Hence DB2 does not audit failure events. Severity: yellow-1 Correctable: Format: [Setting for auditing failure events is enabled but Auditing is not active. Hence DB2 does not audit failure events] Audit Success Events (Windows and UNIX) This check reports whether IBM DB2 databases logs success events are audited. This check is not supported on the IBM DB2 database version 9.5 and 9.7. The following table lists the messages for the check. Table 2-4 Messages for Audit Success Events Message String String : ESM_LOG_SUCCESS UNIX (236633) (238033) (238633) (238633) Title: Audit Success Events : DB2 does not log success events Severity: red-4 Correctable: Format: [DB2 does not log success events]

About the ESM DB2 Audit Configuration module 21 Table 2-4 Messages for Audit Success Events (continued) Message String String : ESM_LOG_SUCCESS _WARNING UNIX (236661) (238061) (238661) (238661) Title: Audit Success Events : The setting for auditing success events is enabled but Auditing is not active. Hence DB2 does not audit success events. Severity: yellow-1 Correctable: Format: [Setting for auditing success events is enabled but Auditing is not active. Hence DB2 does not audit success events.] String : ESM_LOG_SUCCESS _ENABLED_WARNING UNIX (236662) (238062) (238662) (238662) Title: Audit Success Events : The setting for auditing success events is enabled. This will increase the audit log size significantly. Severity: yellow-1 Correctable: Format: [Setting for auditing success events is enabled. This will increase the audit log size significantly.] Audit Database Events (Windows and UNIX) The checks that are included in the Audit Database Events group verify which IBM DB2 database events are audited. The following table lists the message for the check.

About the ESM DB2 Audit Configuration module 22 Table 2-5 Message for Audit Database Events Message String String : ESM_NO_ COMPARISON _SPECIFIED Category: ESM Error UNIX (236651) (238051) (238651) (238651) Title: Comparison type not specified : Enable Audit checks Severity: red-4 Correctable: Auditing Related Events (Windows and UNIX) This check reports whether IBM DB2 databases logs audit events. The following table lists the messages for the check. Table 2-6 Messages for Auditing Related Events Message String String : ESM_LOG_DB2AUDIT UNIX (236634) (238034) (238634) (238634) Title: Audit auditing related events : DB2 does not log audit events Severity: red-4 Correctable: Format: [DB2 does not log audit events]

About the ESM DB2 Audit Configuration module 23 Table 2-6 Messages for Auditing Related Events (continued) Message String String : ESM_LOG_AUDIT_ WARNING UNIX (236654) (238054) (238654) (238654) Title: Audit Auditing Related Events : The setting for auditing audit related events is enabled but Auditing is not active. Hence DB2 does not audit audit related events Severity: yellow-1 Correctable: Format: [Setting for auditing audit related events is enabled but Auditing is not active. Hence DB2 does not audit audit related events] String : ESM_SETTING _ENABLED UNIX (236673) (238073) (238673) (238673) Title: Audit Enabled : The setting is enabled. Severity: green-0 Correctable: String : ESM_SETTING _DISABLED UNIX (236674) (238074) (238674) (238674) Title: Auditing Disabled : The setting is disabled. Severity: red-4 Correctable:

About the ESM DB2 Audit Configuration module 24 Table 2-6 Messages for Auditing Related Events (continued) Message String String : ESM_SETTING_ DISABLED_WARNING UNIX (236675) (238075) (238675) (238675) Title: Auditing Disabled : The setting for this event is enabled but Auditing is not active. Hence DB2 does not audit this event. Severity: yellow-1 Correctable: Format: [%s. This setting is enabled but Auditing is not active.] Checking Events (Windows and UNIX) This check reports whether IBM DB2 databases logs checking events. The following table lists the messages for the check. Table 2-7 Messages for Checking Events Message String String : ESM_LOG_CHECKING UNIX (236635) (238035) (238635) (238635) Title: Audit Checking events : DB2 does not log checking events Severity: red-4 Correctable: Format: [DB2 does not log checking events]

About the ESM DB2 Audit Configuration module 25 Table 2-7 Messages for Checking Events (continued) Message String String : ESM_LOG_ CHECKING_WARNING UNIX (236655) (238055) (238655) (238655) Title: Audit Checking Events : The setting for auditing checking events is enabled but Auditing is not active. Hence DB2 does not audit checking events Severity: yellow-1 Correctable: Format: [Setting for auditing checking events is enabled but Auditing is not active. Hence DB2 does not audit checking events] String : ESM_SETTING _ENABLED UNIX (236673) (238073) (238673) (238673) Title: Audit Enabled : The setting is enabled. Severity: green-0 Correctable: String : ESM_SETTING _DISABLED UNIX (236674) (238074) (238674) (238674) Title: Auditing Disabled : The setting is disabled. Severity: red-4 Correctable:

About the ESM DB2 Audit Configuration module 26 Table 2-7 Messages for Checking Events (continued) Message String String : ESM_SETTING_ DISABLED_WARNING UNIX (236675) (238075) (238675) (238675) Title: Auditing Disabled : The setting for this event is enabled but Auditing is not active. Hence DB2 does not audit this event. Severity: yellow-1 Correctable: Format: [%s. This setting is enabled but Auditing is not active.] Object Maintenance Events (Windows and UNIX) This check reports whether the IBM DB2 databases logs Object Maintenance events. The following table lists the messages for the check. Table 2-8 Messages for Object Maintenance Events Message String String : ESM_LOG_OBJMAINT UNIX (236636) (238036) (238636) (238636) Title: Audit Object Maintenance events : DB2 does not log object maintenance events Severity: red-4 Correctable: Format: [DB2 does not log object maintenance events]

About the ESM DB2 Audit Configuration module 27 Table 2-8 Messages for Object Maintenance Events (continued) Message String String : ESM_LOG_OBJMAINT _WARNING UNIX (236656) (238056) (238656) (238656) Title: Audit Object Maintenance Events : The setting for auditing object maintenance events is enabled but Auditing is not active. Hence DB2 does not audit object maintenance events Severity: yellow-1 Correctable: Format: [Setting for auditing object maintenance events is enabled but Auditing is not active. Hence DB2 does not audit objmaint events] String : ESM_SETTING _ENABLED UNIX (236673) (238073) (238673) (238673) Title: Audit Enabled : The setting is enabled. Severity: green-0 Correctable: String : ESM_SETTING _DISABLED UNIX (236674) (238074) (238674) (238674) Title: Auditing Disabled : The setting is disabled. Severity: red-4 Correctable:

About the ESM DB2 Audit Configuration module 28 Table 2-8 Messages for Object Maintenance Events (continued) Message String String : ESM_SETTING_ DISABLED_WARNING UNIX (236675) (238075) (238675) (238675) Title: Auditing Disabled : The setting for this event is enabled but Auditing is not active. Hence DB2 does not audit this event. Severity: yellow-1 Correctable: Format: [%s. This setting is enabled but Auditing is not active.] Security Maintenance Events (Windows and UNIX) This check reports whether the IBM DB2 databases logs Security Maintenance events. The following table lists the messages for the check. Table 2-9 Messages for Security Maintenance Events Message String String : ESM_LOG_SECMAINT UNIX (236637) (238037) (238637) (238637) Title: Audit Security Maintenance events : DB2 does not log security maintenance events Severity: red-4 Correctable: Format: [DB2 does not log security maintenance events]

About the ESM DB2 Audit Configuration module 29 Table 2-9 Messages for Security Maintenance Events (continued) Message String String : ESM_LOG_SECMAINT _WARNING UNIX (236657) (238057) (238657) (238657) Title: Audit Security Maintenance Events : The setting for auditing security maintenance events is enabled but Auditing is not active. Hence DB2 does not audit security maintenance events Severity: yellow-1 Correctable: Format: [Setting for auditing security maintenance event is enabled but Auditing is not active. Hence DB2 does not audit secmaint events] String : ESM_SETTING _ENABLED UNIX (236673) (238073) (238673) (238673) Title: Audit Enabled : The setting is enabled. Severity: green-0 Correctable: String : ESM_SETTING _DISABLED UNIX (236674) (238074) (238674) (238674) Title: Auditing Disabled : The setting is disabled. Severity: red-4 Correctable:

About the ESM DB2 Audit Configuration module 30 Table 2-9 Messages for Security Maintenance Events (continued) Message String String : ESM_SETTING_ DISABLED_WARNING UNIX (236675) (238075) (238675) (238675) Title: Auditing Disabled : The setting for this event is enabled but Auditing is not active. Hence DB2 does not audit this event. Severity: yellow-1 Correctable: Format: [%s. This setting is enabled but Auditing is not active.] System Administrator Events (Windows and UNIX) This check reports whether IBM DB2 databases logs System Administrator events. The following table lists the messages for the check. Table 2-10 Messages for System Administrator Events Message String String : ESM_LOG_SYSADM UNIX (236638) (238038) (238638) (238638) Title: Audit System Administrator events : DB2 does not log system administrator events Severity: red-4 Correctable: Format: [DB2 does not log system administrator events]

About the ESM DB2 Audit Configuration module 31 Table 2-10 Messages for System Administrator Events (continued) Message String String : ESM_LOG_SYSADM _WARNING UNIX (236658) (238058) (238658) (238658) Title: Audit System Administrator Events : The setting for auditing system administrator events is enabled but Auditing is not active. Hence DB2 does not audit system administrator events Severity: yellow-1 Correctable: Format: [Setting for auditing system administrator event is enabled but Auditing is not active. Hence DB2 does not audit sysadmin events] String : ESM_SETTING _ENABLED UNIX (236673) (238073) (238673) (238673) Title: Audit Enabled : The setting is enabled. Severity: green-0 Correctable: String : ESM_SETTING _DISABLED UNIX (236674) (238074) (238674) (238674) Title: Auditing Disabled : The setting is disabled. Severity: red-4 Correctable:

About the ESM DB2 Audit Configuration module 32 Table 2-10 Messages for System Administrator Events (continued) Message String String : ESM_SETTING_ DISABLED_WARNING UNIX (236675) (238075) (238675) (238675) Title: Auditing Disabled : The setting for this event is enabled but Auditing is not active. Hence DB2 does not audit this event. Severity: yellow-1 Correctable: Format: [%s. This setting is enabled but Auditing is not active.] Validate Events (Windows and UNIX) This check reports whether the IBM DB2 databases logs Validate events. The following table lists the messages for the check. Table 2-11 Messages for Validate Events Message String String : ESM_LOG_VALATE UNIX (236639) (238039) (238639) (238639) Title: Audit Validate events : DB2 does not log validate events Severity: red-4 Correctable: Format: [DB2 does not log validate events]

About the ESM DB2 Audit Configuration module 33 Table 2-11 Messages for Validate Events (continued) Message String String : ESM_LOG_VALATE _WARNING UNIX (236659) (238059) (238659) (238659) Title: Audit Validate Events : The setting for auditing validate events is enabled but Auditing is not active. Hence DB2 does not audit validate events Severity: yellow-1 Correctable: Format: [Setting for auditing validate events is enabled but Auditing is not active. Hence DB2 does not audit validate events] String : ESM_SETTING _ENABLED UNIX (236673) (238073) (238673) (238673) Title: Audit Enabled : The setting is enabled. Severity: green-0 Correctable: String : ESM_SETTING _DISABLED UNIX (236674) (238074) (238674) (238674) Title: Auditing Disabled : The setting is disabled. Severity: red-4 Correctable:

About the ESM DB2 Audit Configuration module 34 Table 2-11 Messages for Validate Events (continued) Message String String : ESM_SETTING_ DISABLED_WARNING UNIX (236675) (238075) (238675) (238675) Title: Auditing Disabled : The setting for this event is enabled but Auditing is not active. Hence DB2 does not audit this event. Severity: yellow-1 Correctable: Format: [%s. This setting is enabled but Auditing is not active.] Context Events (Windows and UNIX) This check reports whether IBM DB2 databases logs Context events. The following table lists the messages for the check. Table 2-12 Messages for Context Events Message String String : ESM_LOG_CONTEXT UNIX (236640) (238040) (238640) (238640) Title: Audit context events : DB2 does not log context events Severity: red-4 Correctable: Format: [DB2 does not log context events]

About the ESM DB2 Audit Configuration module 35 Table 2-12 Messages for Context Events (continued) Message String String : ESM_LOG_ CONTEXT_WARNING UNIX (236660) (238060) (238660) (238660) Title: Audit Context Events : The setting for auditing context events is enabled but Auditing is not active. Hence DB2 does not audit context events. Severity: yellow-1 Correctable: Format: [Setting for auditing context events is enabled but Auditing is not active. Hence DB2 does not audit context events] String : ESM_SETTING _ENABLED UNIX (236673) (238073) (238673) (238673) Title: Audit Enabled : The setting is enabled. Severity: green-0 Correctable: String : ESM_SETTING _DISABLED UNIX (236674) (238074) (238674) (238674) Title: Auditing Disabled : The setting is disabled. Severity: red-4 Correctable:

About the ESM DB2 Audit Configuration module 36 Table 2-12 Messages for Context Events (continued) Message String String : ESM_SETTING_ DISABLED_WARNING UNIX (236675) (238075) (238675) (238675) Title: Auditing Disabled : The setting for this event is enabled but Auditing is not active. Hence DB2 does not audit this event. Severity: yellow-1 Correctable: Format: [%s. This setting is enabled but Auditing is not active.] Error Handling Facility (Windows and UNIX) This check reports whether the IBM DB2 databases have the audit facility parameter set to Audit. You have the option to specify whether audit facility errors are returned to the user (AUDIT) or ignored (NORMAL). The following table lists the message for the check. Table 2-13 Message for Error Handling Facility Message String String : ESM_LOG_ERRORTYPE UNIX (236641) (238041) (238641) (238641) Title: Audit Facility For Error Handling : The audit facility parameter (ERRORTYPE) is set to Normal Severity: red-4 Correctable: Format: [Audit facility parameter (ERRORTYPE) is set to normal]

About the ESM DB2 Audit Configuration module 37 Audit Miscellaneous Events (Windows and UNIX) The checks that are included in the Audit Miscellaneous Events group verify which IBM DB2 database miscellaneous events are audited. The following table lists the message for the check. Table 2-14 Message for Audit Miscellaneous Events Message String String : ESM_NO _COMPARISON _SPECIFIED Category: ESM Error UNIX (236651) (238051) (238651) (238651) Title: Comparison type not specified : Enable Audit checks Severity: red-4 Correctable: Instance Startup And Shutdown (Windows and UNIX) This check reports whether IBM DB2 databases log the startup and shutdown events of instances. The following table lists the messages for the check.

About the ESM DB2 Audit Configuration module 38 Table 2-15 Messages for Instance Startup And Shutdown Message String String : ESM_LOG_INSTANCE _UP_DOWN String : ESM_LOG_INSTANCE _UP_DOWN_WARNING UNIX (236642) (238042) (238642) (238642) UNIX (236663) (238063) (238663) (238663) Title: Audit Instance startup and shutdown : DB2 does not log instance startup and shutdown Title: Audit Instance startup and shutdown : The setting for auditing success events is enabled but Auditing is not active. Hence DB2 does not audit success events. Severity: red-4 Correctable: Format: [Instance startup and shutdown will not be logged] Severity: yellow-1 Correctable: Format: [This setting is enabled but Auditing is not active. Hence DB2 does not audit instance startup and shutdown events.] String : ESM_SETTING _ENABLED UNIX (236673) (238073) (238673) (238673) Title: Audit Enabled : The setting is enabled. Severity: green-0 Correctable:

About the ESM DB2 Audit Configuration module 39 Table 2-15 Messages for Instance Startup And Shutdown (continued) Message String String : ESM_SETTING _DISABLED UNIX (236674) (238074) (238674) (238674) Title: Auditing Disabled : The setting is disabled. Severity: red-4 Correctable: String : ESM_SETTING_ DISABLED_WARNING UNIX (236675) (238075) (238675) (238675) Title: Auditing Disabled : The setting for this event is enabled but Auditing is not active. Hence DB2 does not audit this event. Severity: yellow-1 Correctable: Format: [%s. This setting is enabled but Auditing is not active.] Changes To Configuration Parameters (Windows and UNIX) This check reports whether IBM DB2 databases log the changes made to the instance and the database configuration parameters. The following table lists the messages for the check.

About the ESM DB2 Audit Configuration module 40 Table 2-16 Messages for Changes To Configuration Parameters Message String String : ESM_LOG_ DB_DBM_CFG String : ESM_LOG_DB_ DBM_CFG_WARNING UNIX (236643) (238043) (238643) (238643) UNIX (236664) (238064) (238664) (238664) Title: Audit configuration parameter changes : DB2 does not log changes made to instance and database configuration parameters Title: Audit configuration parameters changes : The setting for auditing instance and database configuration change events is enabled but Auditing is not active. Hence DB2 does not audit instance and database configuration change events. Severity: red-4 Correctable: Format: [Changes made to instance and database configuration parameters will not be logged] Severity: yellow-1 Correctable: Format: [This setting is enabled but Auditing is not active. Hence DB2 does not audit instance and database configuration change events.] Database Activation And Deactivation (Windows and UNIX) This check reports whether IBM DB2 databases log database activation and deactivation. The following table lists the messages for the check.

About the ESM DB2 Audit Configuration module 41 Table 2-17 Messages for Database Activation And Deactivation Message String String : ESM_LOG_DB _ACT_DEACT UNIX (236644) (238044) (238644) (238644) Title: Audit database activation and deactivation : DB2 does not log database activation and deactivation Severity: red-4 Correctable: Format: [Database Activation and deactivation will not be logged] String : ESM_LOG_DB_ ACT_DEACT_WARNING UNIX (236665) (238065) (238665) (238665) Title: Audit database activation and deactivation : The setting for auditing database activation and deactivation events is enabled but Auditing is not active. Hence DB2 does not audit database activation and deactivation events. Severity: yellow-1 Correctable: Format: [This setting is enabled but Auditing is not active. Hence DB2 does not audit database activation and deactivation events.] String : ESM_SETTING _ENABLED UNIX (236673) (238073) (238673) (238673) Title: Audit Enabled : The setting is enabled. Severity: green-0 Correctable:

About the ESM DB2 Audit Configuration module 42 Table 2-17 Messages for Database Activation And Deactivation (continued) Message String String : ESM_SETTING _DISABLED UNIX (236674) (238074) (238674) (238674) Title: Auditing Disabled : The setting is disabled. Severity: red-4 Correctable: String : ESM_SETTING_ DISABLED_WARNING UNIX (236675) (238075) (238675) (238675) Title: Auditing Disabled : The setting for this event is enabled but Auditing is not active. Hence DB2 does not audit this event. Severity: yellow-1 Correctable: Format: [%s. This setting is enabled but Auditing is not active.] Use Of SYSADM,DBADM,SYSCTRL,SYSMAINT (Windows and UNIX) This check reports whether IBM DB2 databases log the use of SYSADM, DBADM, SYSCTRL, SYSMAINT. The following table lists the messages for the check.

About the ESM DB2 Audit Configuration module 43 Table 2-18 Messages for Use Of SYSADM, DBADM, SYSCTRL, SYSMAINT Message String String : ESM_LOG_ADMINS UNIX (236645) (238045) (238645) (238645) Title: Audit Use of SYSADM, DBADM, SYSCTRL, SYSMAINT : DB2 does not log use of SYSADM, DBADM, SYSCTRL, SYSMAINT Severity: red-4 Correctable: Format: [Use of SYSADM, DBADM, SYSCTRL, SYSMAINT will not be logged] String : ESM_LOG_ADMINS _WARNING UNIX (236666) (238066) (238666) (238666) Title: Audit Use of SYSADM, DBADM, SYSCTRL, SYSMAINT : The setting for auditing use of SYSADM, DBADM, SYSCTRL, SYSMAINT events is enabled but Auditing is not active. Hence DB2 does not audit use of SYSADM, DBADM, SYSCTRL, SYSMAINT events. Severity: yellow-1 Correctable: Format: [This setting is enabled but Auditing is not active. Hence DB2 does not audit use of SYSADM, DBADM, SYSCTRL, SYSMAINT events.]

About the ESM DB2 Audit Configuration module 44 Table 2-18 Messages for Use Of SYSADM, DBADM, SYSCTRL, SYSMAINT (continued) Message String String : ESM_SETTING _ENABLED UNIX (236673) (238073) (238673) (238673) Title: Audit Enabled : The setting is enabled. Severity: green-0 Correctable: String : ESM_SETTING _DISABLED UNIX (236674) (238074) (238674) (238674) Title: Auditing Disabled : The setting is disabled. Severity: red-4 Correctable: String : ESM_SETTING_ DISABLED_WARNING UNIX (236675) (238075) (238675) (238675) Title: Auditing Disabled : The setting for this event is enabled but Auditing is not active. Hence DB2 does not audit this event. Severity: yellow-1 Correctable: Format: [%s. This setting is enabled but Auditing is not active.] Attempted Access To Restricted Objects (Windows and UNIX) This check reports whether IBM DB2 databases log the attempted access to restricted objects defined by the owner. The following table lists the messages for the check.

About the ESM DB2 Audit Configuration module 45 Table 2-19 Messages for Attempted Access To Restricted Objects Message String String : ESM_LOG_ RESTRICTED_OBJ UNIX (236646) (238046) (238646) (238646) Title: Audit attempted access to restricted objects : DB2 does not log attempted access to restricted objects defined Severity: red-4 Correctable: Format: [Attempted access to restricted objects defined by owner will not be logged] String : ESM_LOG_ RESTRICTED_OBJ UNIX (236667) (238067) (238667) (238667) Title: Audit attempted access to restricted objects : The setting for auditing attempted access to restricted objects events is enabled but Auditing is not active. Hence DB2 does not audit attempted access to restricted objects events. Severity: yellow-1 Correctable: Format: [This setting is enabled but Auditing is not active. Hence DB2 does not audit attempted access to restricted objects events.] String : ESM_SETTING _ENABLED UNIX (236673) (238073) (238673) (238673) Title: Audit Enabled : The setting is enabled. Severity: green-0 Correctable:

About the ESM DB2 Audit Configuration module 46 Table 2-19 Messages for Attempted Access To Restricted Objects (continued) Message String String : ESM_SETTING _DISABLED UNIX (236674) (238074) (238674) (238674) Title: Auditing Disabled : The setting is disabled. Severity: red-4 Correctable: String : ESM_SETTING_ DISABLED_WARNING UNIX (236675) (238075) (238675) (238675) Title: Auditing Disabled : The setting for this event is enabled but Auditing is not active. Hence DB2 does not audit this event. Severity: yellow-1 Correctable: Format: [%s. This setting is enabled but Auditing is not active.] Access To Sensitive Objects and/or Tables (Windows and UNIX) This check reports whether IBM DB2 databases log the access to sensitive Objects and/or Tables defined by the owner. The following table lists the messages for the check.

About the ESM DB2 Audit Configuration module 47 Table 2-20 Messages for Access To Sensitive Objects and/or Tables Message String String : ESM_LOG _SENSITIVE_OBJ String : ESM_LOG_ SENSITIVE_OBJ _WARNING UNIX (236647) (238047) (238647) (238647) UNIX (236668) (238068) (238668) (238668) Title: Audit access to sensitive Objects and/or Tables : DB2 does not log access to sensitive Objects and/or Tables defined Title: Audit access to sensitive Objects and/or Tables : The setting for auditing access to sensitive Objects and/or Tables events is enabled but Auditing is not active. Hence DB2 does not audit access to sensitive Objects and/or Tables events. Severity: red-4 Correctable: Format: [Access to sensitive Objects and/or Tables defined by owner will not be logged] Severity: yellow-1 Correctable: Format: [This setting is enabled but Auditing is not active. Hence DB2 does not audit access to sensitive Objects and/or Tables events.]

About the ESM DB2 Audit Configuration module 48 Table 2-20 Messages for Access To Sensitive Objects and/or Tables (continued) Message String String : ESM_SETTING _ENABLED UNIX (236673) (238073) (238673) (238673) Title: Audit Enabled : The setting is enabled. Severity: green-0 Correctable: String : ESM_SETTING _DISABLED UNIX (236674) (238074) (238674) (238674) Title: Auditing Disabled : The setting is disabled. Severity: red-4 Correctable: String : ESM_SETTING_ DISABLED_WARNING UNIX (236675) (238075) (238675) (238675) Title: Auditing Disabled : The setting for this event is enabled but Auditing is not active. Hence DB2 does not audit this event. Severity: yellow-1 Correctable: Format: [%s. This setting is enabled but Auditing is not active.] Unsuccessful Connection Attempts (Windows and UNIX) This check reports whether IBM DB2 databases log the non-successful connection attempts from all users. The following table lists the messages for the check.

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback