Databases Reference
In-Depth Information
Table 12.3
DB2 SECMAINT events (continued)
Event
Description
Privilege granted or revoked on an update on one or
more specific columns of a table with granting of
privileges allowed
Column UPDATE with
GRANT
Privilege granted or revoked on a reference on one or
more specific columns of a table
Column REFERENCE
Column REFERENCE with
GRANT
Privilege granted or revoked on a reference on one or
more specific columns of a table with granting of
privileges allowed
LOAD Authority
LOAD authority granted or revoked
Package BIND
BIND privilege granted or revoked on a package
BIND privilege granted or revoked on a package with
granting of privileges allowed
Package BIND with
GRANT
EXECUTE privilege granted or revoked on a package
or a routine
EXECUTE
EXECUTE with GRANT
EXECUTE privilege granted or revoked on a package
or a routine with granting of privileges allowed
EXECUTE IN SCHEMA
EXECUTE privilege granted or revoked for all rou-
tines in a schema
EXECUTE IN SCHEMA with
GRANT
EXECUTE privilege granted or revoked for all rou-
tines in a schema with granting of privileges allowed
EXECUTE privilege granted or revoked for all rou-
tines in a type
EXECUTE IN TYPE
EXECUTE privilege granted or revoked for all rou-
tines in a type with granting of privileges allowed
EXECUTE IN TYPE with
GRANT
CREATE EXTERNAL
ROUTINE
CREATE EXTERNAL ROUTINE privilege granted
or revoked
QUIESCE_CONNECT
QUIESCE_CONNECT privilege granted or revoked
Figure 12.7. Then, add a rule to a policy that alerts you when any such
command is used (e.g., the rule in Figure 12.8). The rule within the policy
ensures that you will get an alert on such a command, but even without it
you will still have a full audit trail that includes all occurrences of any one of
the commands in the group.
Search WWH ::
Custom Search