To allow an administrator to monitor recorded events which may indicate an intrusion attempt.
The administrator can monitor the system to detect patterns of failed logon, or attempts to access pages for which they do not have access. If a pattern is detected, then this information can be used as a starting point for a more detailed investigation.
Failed logon attempts, and attempts to access pages for which the user does not have authority are captured in the security audit log databases.
Professional, Business Edition
Task | Description | Role |
---|---|---|
Notify security administrator (external) |
If a pattern of violations is detected, the security administrator can be notified and action taken. |
Site Administrator |
Monitor AC log table |
The administrator can monitor the ACCLOGMAIN and ACCLOGCUB tables for patterms of access violations. |
Site Administrator |
(C) Copyright IBM Corporation 1996, 2004. All Rights Reserved.