Top Secret report on successful Dataset activity using TSSUTIL Report
Article ID: 145387
Updated On:
Products
Top Secret
Issue/Introduction
have executed a TSSUTIL report with the following report criteria: EVENT(ALL) DATASET(xxxxxx) bur no successful DATASET access was shown.
Environment
Release : 16.0
Component : CA Top Secret for z/OS
Resolution
There are several methods to audit in Top Secret, including:
1) ADD LOG(ACCESS) to the Global Control Options
2) The AUDIT attribute on an acid. Example: TSS ADD(acid) AUDIT
3) Add the resource in the AUDIT record. Example: TSS ADD(AUDIT) DSN(ABCD)
4) Put ACTION(AUDIT) on a TSS PERMIT command. Example: TSS PERMIT(acid) DSN(ABCD) ACTION(AUDIT)
5) Put the AUDIT attribute on a facility. Example: TSS MODIFY FAC(CICSPROD=AUDIT).
6) Put ACTION(AUDIT) for an ADD(acid) FAC(fac) Example: TSS ADD(ALL) FAC(fac) ACTION(AUDIT)
If Resource is already PERMITTED to ACID without ACTION(AUDIT) you will need to:
Remove the entry you have and then permit back on to
the ACID with ACTION(AUDIT)
Then run TSSUTIL with REPORT EVENT(AUDIT) dsn(sys1) and
it will report on all accesses to it.
1) ADD LOG(ACCESS) to the Global Control Options
2) The AUDIT attribute on an acid. Example: TSS ADD(acid) AUDIT
3) Add the resource in the AUDIT record. Example: TSS ADD(AUDIT) DSN(ABCD)
4) Put ACTION(AUDIT) on a TSS PERMIT command. Example: TSS PERMIT(acid) DSN(ABCD) ACTION(AUDIT)
5) Put the AUDIT attribute on a facility. Example: TSS MODIFY FAC(CICSPROD=AUDIT).
6) Put ACTION(AUDIT) for an ADD(acid) FAC(fac) Example: TSS ADD(ALL) FAC(fac) ACTION(AUDIT)
If Resource is already PERMITTED to ACID without ACTION(AUDIT) you will need to:
Remove the entry you have and then permit back on to
the ACID with ACTION(AUDIT)
Then run TSSUTIL with REPORT EVENT(AUDIT) dsn(sys1) and
it will report on all accesses to it.
Feedback
Yes
No
Powered by
