March 14, 2012 - Vol 2, Issue 6 Security Workshop
SEA On Demand Demonstration

Is Your JD EDWARDS Database Secure? See how SKYVIEW PARTNERS can help!

Cilasoft Security Solutions - Intelligently Engineered Security Solutions

Carsten's Security Code for IBM i

Managing the Online Retention of Audit Data using RMVJRNRCV

Code By Carsten Flensburg Article by Dan Riehl

With Downloadable Source Code

When you decide to begin auditing security related events on your system to the QAUDJRN journal, or when you start journaling changes to physical files, data areas or data queues, you must also decide how you are going to manage the online retention of the journal's receivers.

The journal receivers are the storage areas used for the audit records generated by system auditing or database journaling. If left unchecked, these journal receivers will continue to expand in size and number, and may ultimately consume all of your available disk space.

When you want to control how long journal receivers are available online, you will want to "age" the receivers. For example, if you want to keep five days' worth of transactions online, you can either manually delete the old receivers or run the RMVJRNRCV(Remove Journal Receivers) command presented here.

The Remove Journal Receivers (RMVJRNRCV) command lets you age the receivers and optionally connect the journal to a new receiver.

You can run this command from a command line, or better yet, place the command in your job scheduler to ensure daily or weekly "Aging" of your journal receivers.

You can use this command to manage all of your journals, including QAUDJRN and database journals to perform an intelligent deletion of old receivers.

Here's a view of the RMVJRNRCV command prompt:
                   Remove Journal Receivers (RMVJRNRCV)

     Type choices, press Enter.

            Journal . . . . . . . . . . . .  ______   Name
              Library . . . . . . . . . . .   *LIBL   Name, *LIBL, *CURLIB
           Journal receiver retain days . .  *NONE    1-999, *NONE
           Journal receivers to retain  . .  *NONE    1-999, *NONE
           Force receiver deletion  . . . .  *NO      *NO, *YES
           Change journal receiver  . . . .  *NO      *NO, *YES
           Journal receiver:
             Journal receiver . . . . . . .  *GEN     Name, *SAME, *GEN
                Library . . . . . . . . . .           Name, *LIBL, *CURLIB
             Journal receiver . . . . . . .           Name, *GEN
                Library . . . . . . . . . .           Name, *LIBL, *CURLIB
            Sequence option . . . . . . . .  *CONT     *CONT, *RESET

The command performs a clean-up process against the specified journal's receiver directory. You can specify the number of journal receivers to retain, the number of days (since detachment), or a combination of both.

The force parameter controls whether the journal receivers should be saved to be eligible for deletion and, for remote journals, whether replication should occur.

Optionally, you can have the CHGJRN command run to change the journal receiver (before directory clean up).

Carsten has also included the Sequence option so you can ensure that the journal entry numbering is continued, regardless of the current default value on the CHGJRN command.

For more details about command parameters and command usage, refer to the help panel group.

The following source code is included in the download Zip file. Review the source code headers for compile instructions and additional documentation.

Name    Source   Description  
CBX959  RPGLE    Remove Journal Receivers -- CPP
CBX959H PNLGRP   Remove Journal Receivers -- Help
CBX959V RPGLE    Remove Journal Receivers -- VCP
CBX959X CMD      Remove Journal Receivers -- CMD 

Download a zip file containing all of the source code.

Note:As with all new programs, test these routines thoroughly before placing them into a production environment. No warranty is expressed or implied.

About the Author

Carsten Flensburg
Carsten is the author of the column "Carsten's Security Code for IBM i" that appears regularly in the SecureMyi Security Newsletter.

He has also been a long time technical editor and author for The System iNetwork. He is an IBM i application development manager for Novasol, the European vacation rental company of Wyndham Worldwide Corporation.

Carsten lives in Copenhagen, Denmark, with his wife, Dorthe, and his two children, Julian and Emilie.


© Copyright 2012 -, All Rights Reserved | St Louis MO 63017