System Log access / logging


jsquizz

Hi All,

I am creating a user that only has access to the system log / system load folders and app groups. However, I want everything that the user searches to be logged (65/66 records). I went to turn this on and noticed that there is no storage set setup for the System Log app group on my system, which I believe I've seen before. Is there a better way of doing what I want to do? What if I change the storage set to cache only - library server (1 server environment...)?

Thanks
#CMOD #DB2 #AFP2PDF #TSM #AIX #RHEL #AWS #AZURE #GCP #EVERYTHING

Justin Derrick

I'd actually run this as an exit -- it allows you to capture precisely the info you want (UserID=SysLogUser1, Msg_Num=65 or Msg_num=66), whereas you'd have to turn on Query/Retrieve logging for all users of the System Log.

Of course, both solutions come with some overhead -- so do lots of performance testing before implementing. 

-JD.
Call:  +1-866-533-7742  or  eMail:  jd@justinderrick.com
IBM CMOD Wiki:  https://CMOD.wiki/
FREE IBM CMOD Webinars:  https://CMOD.Training/
IBM CMOD Professional Services: https://CMOD.cloud

Interests: #AIX #Linux #Multiplatforms #DB2 #TSM #SP #Performance #Security #Audits #Customizing #Availability #HA #DR
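
The filter described in the reply above, sketched as a shell function. This is an added example, not code from the thread or from IBM: the positional parameter order, the `AUDIT_FILE` path and the function names are assumptions to check against the sample exit shipped with your server.

```shell
#!/bin/sh
# Added example: filter logic for an arslog-style exit script.
# Assumed positional parameters (verify against your server's sample exit):
#   $1 instance  $2 timestamp  $3 log id  $4 userid  $5 account
#   $6 severity  $7 message number  $8 message text  $9 document file
AUDIT_USER="${AUDIT_USER:-SysLogUser1}"            # user named in the post
AUDIT_FILE="${AUDIT_FILE:-/tmp/syslog_audit.log}"  # hypothetical path

# Replace control characters so message text cannot forge extra audit lines.
sanitize() {
    printf '%s' "$1" | tr '\n\r\t' '   '
}

audit_syslog_access() {
    userid=$4
    msg_num=$7
    # Cheap rejects first: the exit is invoked for every logged message.
    [ "$userid" = "$AUDIT_USER" ] || return 0
    case "$msg_num" in
        65|66) ;;          # the two message numbers named in the post
        *) return 0 ;;
    esac
    # Subshell keeps the restrictive umask local to the write.
    ( umask 077
      printf '%s|%s|%s|%s|%s\n' \
          "$(sanitize "$2")" "$(sanitize "$1")" "$(sanitize "$userid")" \
          "$msg_num" "$(sanitize "$8")" >> "$AUDIT_FILE" )
}

# When installed as the exit, pass the server's arguments straight through.
if [ "$#" -ge 8 ]; then
    audit_syslog_access "$@"
fi
```

Rejecting on user ID and message number before any file I/O keeps the per-message cost low, which matters given the overhead caveat in the reply.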

jsquizz

Quote from: Justin Derrick on September 07, 2017, 07:50:05 PM
I'd actually run this as an exit -- it allows you to capture precisely the info you want (UserID=SysLogUser1, Msg_Num=65 or Msg_num=66), whereas you'd have to turn on Query/Retrieve logging for all users of the System Log.

Of course, both solutions come with some overhead -- so do lots of performance testing before implementing. 

-JD.

I was actually overthinking this. I guess it was more for "the powers to be.." to be able to have access to what a specific user did in the system log. I made a user, threw some query restrictions on the user and restricted access to the things we wouldn't want them looking at. But, I will take a look at the arslog exit. Thanks!

Justin Derrick

Ah yes.  Query restrictions are a much better solution -- prevent someone from ever seeing something, rather than trying to catch them after the fact.

-JD.