SkyView Launches New Auditing Tool
October 5, 2010 Alex Woodie
SkyView Partners last week officially unveiled Audit Journal Reporter, a new utility aimed at making it easier to pull data out of the IBM i audit journal. The new product includes pre-built reports for common IBM i events that administrators and auditors want to know about, and allows them to build their own custom reports, too.
Audit Journal Reporter includes more than two dozen preconfigured templates that, when run against the IBM i audit journal, will generate reports that give a detailed look at the IBM i server’s current state of security and compliance.
Examples of reports include: invalid sign-on attempts; changes to auditing values; creation of user profiles; changes to user profiles; commands run by a particular user; use of particular commands by all users; issues related to moving to security level 40; starting and stopping of jobs by particular users; object ownership changes by user; object creation and deletion; use of profile swaps; and others.
SkyView decided to build the new Audit Journal Reporter when company officials realized how much time IBM i customers were spending writing custom queries to run against the audit journal.
“We were surprised to find that a large number of people are still writing custom queries to pull information from the audit journal,” SkyView COO John Vanderwall says in a press release. “We saw a real need for a new, up-to-date product that focuses on the compliance information auditors are requesting that resides in the audit journal.”
SkyView president Carol Woodbury says she spent a lot of time researching the types of reports that customers need. “It’s been a long time since a new audit journal reporting tool has been introduced into the market. A lot has changed over the years,” she says in a press release. “Many new events are now being logged and new fields added to audit entries since the last audit product was introduced many years (IBM i releases) ago.”
In addition to providing information for auditors, the software can be used by managers and administrators as a day-to-day security tool, and used by forensic accountants to re-create the state of the system following a security incident.
Reports are output in a variety of formats, including IBM i spooled files, PDF, CSV, XLS, as an outfile, and in the Syslog format, which is popular among security information and event management (SIEM) tools. All releases of the OS from i5/OS V5R3 through IBM i 7.1 are supported. Pricing is based on P-groups and ranges from $2,495 to $6,250. For more information and downloads, go to the company’s website at www.skyviewpartners.com.