capture PASSPHRASE logons

book

Article ID: 143692

calendar_today

Updated On:

Products

CA Compliance Event Manager

Issue/Introduction

Capturing PASSPHRASE logons.


How to write a Compliance Event Manager policy statement in order to be able to
capture PASSPHRASE logons using the Successful Signon.
What test condition is used to check for Passphrase?

Environment

Release : 6.0

Component : CA Top Secret for z/OS

Resolution

There was maintenance written for TSS to send the data to CEM and maintenance in CEM to write policy to filter on CredType (Credential type)

The TSS fix is: SO09286

TSSMVS-10282 W SO09286 09-24-2019 CEM FILTERING OF USERS SIGNON STATE, INBOUND CPF COMMANDS

The parallel CEM is: SO09872

CEVM-138 W SO09872 09-13-2019 CPF FILTERING SUPPORT

Once these are applied, the policy test condition for Signon event would be used for the field name Credential Type and there is a drop down of the possible values.