ESP Cybermation resource doesnt get audited, when added to the AUDIT record.
Release : 16.0
Component : CA Top Secret for z/OS
A SECTRACE shows the following security check for ESP Cybermation resource IBMFAC(ESPT.ONLINE)
X TSS-F-0000*MVSLMI ESPNAWSS 50IBMFAC 2000 G/0000000B00,FF20000000 L/308002 F/04000F20,000900,8001,000000
X TSS-1 400000004000 00000000 T/0000000000 ESPT.ONLINE
X TSS-2 820000 R/128000 S/000980,0A0000000000 A/090000 P/CYBXD001,3502, ,CYBXD001 F/96C20500
X TSS-4 02000000 007CCBA0 7F4A0C18
The x'80' in the ' L/308002' indicates that LOG=NONE was set on the RACROUTE security call by the application.
CA Top Secret responds to security call and doesnt issue them. It is the application that is issuing the RACROUTE security call with LOG=NONE.
The external security manager (TSS,ACF2,RACF) will respect the LOG=NONE which means dont log/audit the violations, dont write security violations messages, and dont fail the job for the security violation.
LOG=NONE setting on the RACROUTE security call will not and cannot be overridden by external ESM (External Security Manager) such as Top Secret, ACF2 and RACF.