Type80 SMA_RT with DB2 Connector

DB2 logs internal events to its own type of SMF log records. The DB2 SMF records contain information related to many different types of events occurring within the system. The level of granularity depends on configurations of the DB2 audit trace at the individual table level. The SMF records provide data useful for investigating security events and if used in combination with other resources, help investigate possible attacks and breaches for incident response, auditing and compliance purposes.

Your Problem:

DB2 SMF records are created in binary format and may be in excess of 32,000 characters in length. The SMF records are not readable by a plain text editor, making online viewing and interpretation almost impossible for SIM, SIEM and log consolidation products.

Our Solution:

The Type80 SMA_RT base product offers an optional SMF collection feature for z/OS DB2 customers wishing to collect comprehensive DB2 Audited events. The Tyep80 DB2 connector translates the binary data from bit settings into a clearly readable format. It also filters out unnecessary information before placing it into the Syslog format and automatically creates segmented Syslog records if required.

Key points:

SMA_RT Security Software: z/OS Security Solution

In addition to all of the SMA_RT product features, the Type80 SMA_RT DB2 Connector is capable of reporting on the following events if the data is contained within the DB2 SMF record:

  • Inadequate authorization
  • Grant and Revoke statements
  • Create, Alters and Drops
  • Read Access with Audit All
  • Binding of static and dynamic SQL’s
  • Certain assignment or changes to authorization ID
  • The start of a utility job
  • Create and alter of trusted context
Copyright Type80 Security Software, Inc. - All rights reserved.
IT Web Design by Silver Scope Web Design