IBMi (AS400) fans only - How to Sniff User Access
If you need to monitor user access on your IBM i system, you can use SQL to query the history log. Note: At the end of this post, you'll find a request directly addressed to you, the readers. Here’s a simple example of how you can do this: SELECT MESSAGE_ID, MESSAGE_TIMESTAMP, FROM_USER, MESSAGE_TEXT FROM TABLE ( QSYS2.HISTORY_LOG_INFO() ) WHERE message_id IN ('CPF1164', 'CPF1124') AND FROM_USER IN ('QSECOFR', 'QSYS', 'QSYSOPR') ORDER BY MESSAGE_TIMESTAMP In this query: - QSYS2.HISTORY_LOG_INFO(): This function retrieves information from the history log. - message_id IN ('CPF1164', 'CPF1124') : Filters the results to include only specific message IDs, which indicate sign-on and sign-off events. - FROM_USER in ('QSECOFR', 'QSYS', 'QSYSOPR'): Filters the results to include only messages from specific users. Update 28/07/2024: A Smart Enhancem