The audit log files have names that distinguish whether they are instance-level or database-level logs and which member they originate from in a multiple member database environment, such as a DB2 pureScale environment or a partitioned database environment. Archived audit logs have the timestamp of when the archive command was run appended to their file name.
In a multiple member database environment, the path for the active audit log can be a directory that is unique to each member so that each member writes to an individual file. In order to accurately track the origin of audit records, the member number is included as part of the audit log file name. For example, on member 20, the instance level audit log file name is db2audit.instance.log.20. For a database called testdb in this instance, the audit log file is db2audit.db.testdb.log.20.
In a single member database environment the member number is considered to be 0 (zero). In this case, the instance level audit log file name is db2audit.instance.log.0. For a database called testdb in this instance, the audit log file is db2audit.db.testdb.log.0.
When the active audit log is archived, the current timestamp in the following format is appended to the filename: YYYYMMDDHHMMSS (where YYYY is the year, MM is the month, DD is the day, HH is the hour, MM is the minutes, and SS is the seconds.
In a single member database environment, the value for member is 0 (zero).