Kerberos Reporting
search cancel

Kerberos Reporting


Article ID: 107955


Updated On:


Top Secret Top Secret - LDAP


To report on successful Kerberos authentications (R_kerbinfo service) do we need to enable SMF type 231 records for input to the TSSOERPT utility?


Component: TSSMVS


Here is the info from the doc: TSSOERPT Utility Last update May 14, 2015 The TSSOERPT batch utility processes security-related activity recorded in SMF data sets to monitor user activity in a UNIX System Services (USS) environment. CA Top Secret logs security events under this environment to SMF using standard CA Top Secret SMF type 231 records. By default, log records are written for any security event that denies the ACID access to a USS function or resource. These records can assist you in determining the UID and GID of the ACID that was involved in the attempted access. The TSSOERPT utility uses type 231 SMF records. To get output for this report, you must be logging type 231 records to SMF.

You need to be logging type 231 records to SMF to get any TSSOERPT output.

The following link shows the service field values: