CA Compliance Event Manager
Capturing PASSPHRASE logons.
How to write a Compliance Event Manager policy statement in order to be able to
capture PASSPHRASE logons using the Successful Signon.
What test condition is used to check for Passphrase?
Release : 6.0
Component : CA Top Secret for z/OS
There was maintenance written for TSS to send the data to CEM and maintenance in CEM to write policy to filter on CredType (Credential type)
The TSS fix is: SO09286
TSSMVS-10282 W SO09286 09-24-2019 CEM FILTERING OF USERS SIGNON STATE, INBOUND CPF COMMANDS
The parallel CEM is: SO09872
CEVM-138 W SO09872 09-13-2019 CPF FILTERING SUPPORT
Once these are applied, the policy test condition for Signon event would be used for the field name Credential Type and there is a drop down of the possible values.