One of the fun tasks that is looking me in the face is generating a
list of potential stale accounts that access DB2. The systems are
running on OS authentication (login exists at the operating system
level).
The obvious place to look is the system log and get an aged listing of
logins.
The question I have is that while this is a great idea when the user
logs in to the server (telnet or a terminal session), but is this sort
of information present when the user comes directly against the
database using ODBC or similar processes?
Oh, and yes, not running auditing of successful logins.