Implementation


SQL statements that access audited tables are captured by the Audit Initiator component, that runs in each audited DB2/VM database server. The DB2/VM log is not used for auditing purposes (except for INSERT format-2 commands).

The Audit Processor component runs in a dedicated virtual machine and writes to the audit log on behalf of audit event messages transmitted by one or more Initiators.

The Initiator(s) and the Processor communicate using shared dataspaces (or using IUCV if dataspace support is not available).

Data Compression

With VM/ESA Version 2 installed, SQL/AF may be requested to use data compression when writing to the audit log. With data compression, the disk space required for the log will be significantly reduced.