search cancel

TSSUTIL doesnt match Compliance Event Manager tracking.

book

Article ID: 134402

calendar_today

Updated On:

Products

Top Secret Top Secret - LDAP Compliance Event Manager

Issue/Introduction

Resource are being tracked by Compliance Manager but not by the CA Top Secret TSSUTIL.

Environment

Release :

Component : CA Top Secret for z/OS

Resolution

There is a LOG=NONE setting on a RACROUTE security call. RACROUTE is what z/OS or application uses to talk to Top Secret to see if a user is authorized for a resource. 


LOG=NONE on a RACROUTE security call tell CA Top Secret not to log the violations to audit and not put out any messages when a users causes a security violation.


CEM has functionality to report on violations that occurred with LOG=NONE. TSSUTIL will not report on violations with LOG=NONE. 


This is why there is discrepency between the CEM report and the TSSUTIL reports. This not a bug. Just how CEM works.