DB2 Audit Policy not producing EXECUTE data


I'm trying to set up an Audit facility on a DB2 AWSE V10.5 FP5 database

running on Red Hat Linux Server 6.8.

The definition for the policy is :

        Audit STATUS Failure, 
        Checking STATUS Failure, 
        Context STATUS Failure, 
        ObjMaint STATUS Failure, 
        SecMaint STATUS Failure, 
        **execute with data STATUS Failure**,
        Validate STATUS Failure 

This is producing data for all the categories, except EXECUTE.

My test script includes statements that fail with SQL0204, SQL0206, etc. but no data is extracted into the execute.del file in the audit output.

Anyone have an idea what I'm missing?

Best Answer

A note in the manual explains why these statements do not make it into the audit log:

The preparation of a statement is not considered part of the execution. Most authorization checks are performed at prepare time (for example, SELECT privilege). This means that statements that fail during prepare due to authorization errors do not generate EXECUTE events.

SQL0204N and SQL0206N, both of which complain about invalid object names, are raised during the statement parse phase, that is, before execution starts. Errors raised after execution starts, such as SQL0911N (lock timeout), will be audited.