DetectIT was created to perform security related functions on the IBM i. Some of these tasks require the same level of authority as the IBM i security officer, QSECOFR; therefore the high level authorities we grant to these profiles are essential.
Without *SECOFR user class level authorities, the ALERT and ALERT01 profiles will not be able to perform certain tasks, for example:
- QAUDJRN System Auditing
- Profile Maintenance
- Policy Compliance
During installation or upgrade, both ALERT and ALERT01 are created/updated with the values USRCLS (*SECOFR) and SPCAUT (*USRCLS). This ensures these profiles have the correct level of authorities irrespective of the IMB i release. If IBM were to add additional authorities for the QSECOFR profile, this will ensure the additional authorities are granted to the ALERT and ALERT01 profiles also.
Please note that the ALERT profile is the security officer for DetectIT, while ALERT01 is used primarily to process network activity for DetectIT.
Last Modified On:
No, open a new Support Case
