I'm trying to set up an Audit facility
on a DB2 AWSE V10.5 FP5 database
running on Red Hat Linux Server 6.8.
The definition for the policy is :
ALTER
AUDIT POLICY Failures
CATEGORIES
Audit STATUS Failure,
Checking STATUS Failure,
Context STATUS Failure,
ObjMaint STATUS Failure,
SecMaint STATUS Failure,
**execute with data STATUS Failure**,
Validate STATUS Failure
ERROR TYPE NORMAL ;
This is producing data for all the categories, except EXECUTE.
My test script includes statements that fail with SQL0204, SQL0206, etc. but no data is extracted into the execute.del
file in the audit output.
Anyone have an idea what I'm missing?
Best Answer
A note in the manual explains why these statements do not make it into the audit log:
SQL0204N and SQL0206N, both of which complain about invalid object names, are raised during the statement parse phase, that is, before execution starts. Errors raised after execution starts, such as SQL0911N (lock timeout), will be audited.