Get list of files and programs touched by AS400/iSeries service account

StackOverflow https://stackoverflow.com/questions/21285826

  •  01-10-2022
  •  | 
  •  

Question

I am trying to get a list of the programs (RPG/CL/SQL) and files a service account on the iSeries has touched. The idea is that having this list we can tie specific permissions (I know this will really complicate things) to the user account in order to achieve a more secure application specific service account. Is there any way to do this and maybe get a report by running a command. Maybe there is a SQL statement?

Please excuse me if my terms are not appropriate, I am still new to the iSeries.

Was it helpful?

Solution

The audit journal will have what you are looking for....if so configured.

http://pic.dhe.ibm.com/infocenter/iseries/v7r1m0/topic/rzarl/rzarlusesecjnl.htm

The newest 7.1 TR includes stored procedures to allow easy read of journals. https://www.ibm.com/developerworks/community/wikis/home/wiki/IBM%20i%20Technology%20Updates/page/DISPLAY_JOURNAL%20(easier%20searches%20of%20Audit%20Journal)

Charles

OTHER TIPS

So though Charles' answer might be the one one should set up to get a thorough report. I wound up doing the following as suggested by one of my peers.

Please note that my goal though not properly explained as so, was to create an application specific user/service account for a program. This is to avoid using one with many privileges and thus gain some security.

1.Go through the source code (in my case classic ASP) and jot down all the names of the procedures used by that program.
2.Create a CL program that outputs the program references to a display file. Then export the file's contents onto Excel and massage where necessary.

PGM 
DSPPGMREF  PGM(MYLIB/PGM001) OUTPUT(*OUTFILE) OUTFILE(MYLIB/DSPPGMREF) OUTMBR(*FIRST *REPLACE)
DSPPGMREF  PGM(MYLIB/PGM002) OUTPUT(*OUTFILE) OUTFILE(MYLIB/DSPPGMREF) OUTMBR(*FIRST *ADD)
ENDPGM

I was told however that service programs references cannot be displayed with DSPPGMREF. So the following was done for those.

PGM                                                                                             
ADDLIBLE LIB(ABSTRACT) POSITION(*LAST)                                                          
MONMSG MSGID(CPF0000)                                                                           
WRKOBJR OBJ(SRVPGM01) OBJTYPE(*SRVPGM) OUTPUT(*OUTFILE) OUTFILE(MYLIB/WRKOBJR) MBROPT(*REPLACE)
WRKOBJR OBJ(SRVPGM02) OBJTYPE(*SRVPGM) OUTPUT(*OUTFILE) OUTFILE(MYLIB/WRKOBJR) MBROPT(*ADD)    
WRKOBJR OBJ(SRVPGM03) OBJTYPE(*SRVPGM) OUTPUT(*OUTFILE) OUTFILE(MYLIB/WRKOBJR) MBROPT(*ADD)    
ENDPGM

Thank you for all your help. I apologize that my answer is a little more specific than my question but in the end this was what I wanted to achieve, I had to generalize to ask the question. I'd thought i'd post post my answer anyways in case it helps someone in the future.

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
scroll top