Working with Message Queues

There are two fixed IBM message queue types, known as Group ID:

  • @9 QHST – IBM provided History queue
  • @1 QSYSOPR – IBM provided System Operator queue

In Audit, you can create your own message queues and operate them according to your needs. This unique solution allows real-time auditing on message queues, by:

  • Modifying rules according to all the message queue parameters
  • Responding to the message by alerting the user (by email and/or text message (SMS)) and by reacting to it directly (send auto response).

To work with message queues:

  • Select 14. Message Queue (SysCtl) in the Main menu (STRAUD 14). The Message Queue menu appears.
 AUMSGM​                         ​   Message Queue ​                ​  iSecurity⁄SysCtl​  
                                                             ​  System:​    S520    ​  
  Select one of the following:​                                                    
                                                                                
  Settings​                               ​  Build Rules for displayed Msgs      ​     
   1. Control Message Queues⁄QHST   ​     ​  51. Build rules from Displayed Msgs   ​   
                                       ​  55. Display History Log (Audit version)​  
  Real-Time Detection Rules​                                                       
  11. Message Queue rules      ​                                                   
                                                                                
  Activate MSGQ detection​                                                         
  21. Activate​                                                                    
  22. Deactivate​                                                                  
                                                                                
  Set Start​                                                                       
  35. Set Start of QHST Time​                                                      
                                                                                
                                                                                
  Selection or command                  ​                                          
  ===>​                                                                            
                                                                                 
  F3=Exit   F4=Prompt   F9=Retrieve   F12=Cancel                                ​  
  F13=Information Assistant  F16=AS⁄400 main menu                                
                                                                                ​