PTF SO07750 provides Detail AUDIT file change information
Article ID: 131920
CA VM:Secure for z/VM
New functionality available in enhancement PTF SO07750.
This enhancement provides rule record details of rule file updates in the CA VM:Secure audit data. Prior to this enhancement rules file updates were indicated in the audit data but the details of the rules file changes were not.
Once this ptf is applied and the new logic deployed and initialized you can enable the new detailed auditing for rules updates by adding the configuration file record AUDITDET RULES to the VM:Secure SECURITY configuration file.
Note that you must first be configured with variable audit record format to configure detailed rule file auditing. See the VM:Secure Reference wiki under Configuration File Reference for the AUDRECFM configuration record and information for converting your VM:Secure audit file to variable format.
Processing and Implementation Considerations:
You must apply VM:Secure RSU 1801, available in PTF SO01600 before applying this PTF.
When you configure AUDITDET RULES to enable production of detail audit records for rule updates the product will produce more audit records that will be larger than then those currently produced. You may need to increase the size of the VMSECURE service machine AUDIT (1D0) disk to hold the increased amount of audit data produced between audit data extracts.
See the AUDITEXT command in the VM:Secure Reference for further information about extracting audit data from VM:Secure.