IBM i (OS/400) Audit Settings Made Easy

You should use Audit to define the IBM i (OS/400) system values, user profile parameters and object parameters that make up the audit settings. All of these parameters are available from the IBM i Audit Features menu in Audit. You should never again have to use the IBM i commands to maintain audit settings.

IBM i records user activities and object access attempts to the security audit journal according to the audit settings currently in force. This is referred to as the Current Setting. You can create and save groups of settings for future use.

If the IBM i audit is not working and is activated after activating real-time Audit, the result will include:

• IBM i (OS/400) audit according to the selected audit level

• Real-time Audit

• Actions based on the real time Audit

• The disk-space consumed by both the IBM i (OS/400) system journal and by the real‑time Audit logs

Some of the entries (for example, object auditing: ZR=read object) influence performance and disk space. Use the Visualizer to recognize what are the largest entry types in the organization and how to minimize the performance impact. To learn how to define the Audit settings according to your organization’s needs, see IBM i (OS/400) Audit Settings.