Hi All,
I am creating a user that only has access to the system log / system load folders and app groups. However, I want everything that the user searches to be logged (65/66 records). I went to turn this on and noticed that there is no storage set setup for the System Log app group on my system which I believe I've seen before. Is there a better way of doing what I want to do? What if I change the storage set to cache only - library server (1 server environment...)
Thanks
I'd actually run this as an exit -- it allows you to capture precisely the info you want (UserID=SysLogUser1, Msg_Num=65 or Msg_num=66), whereas you'd have to turn on Query/Retrieve logging for all users of the System Log.
Of course, both solutions come with some overhead -- so do lots of performance testing before implementing.
-JD.
Quote from: Justin Derrick on September 07, 2017, 07:50:05 PM
I'd actually run this as an exit -- it allows you to capture precisely the info you want (UserID=SysLogUser1, Msg_Num=65 or Msg_num=66), whereas you'd have to turn on Query/Retrieve logging for all users of the System Log.
Of course, both solutions come with some overhead -- so do lots of performance testing before implementing.
-JD.
I was actually overthinking this. I guess it was more for "the powers to be.." to be able to have access to what a specific user did in the system log. I made a user, threw some query restrictions on the user and restricted access to the things we wouldn't want them looking at. But, I will take a look at the arslog exit. Thanks!
Ah yes. Query restrictions are a much better solution -- prevent someone from ever seeing something, rather than trying to catch them after the fact.
-JD.