Top Secret report on successful Dataset activity using TSSUTIL Report

book

Article ID: 145387

calendar_today

Updated On:

Products

CA Top Secret

Issue/Introduction


 have executed a TSSUTIL report with the following report criteria: EVENT(ALL) DATASET(xxxxxx) bur no successful DATASET access was shown.

Environment

Release : 16.0

Component : CA Top Secret for z/OS

Resolution

There are several methods to audit in  Top Secret, including:

1) ADD LOG(ACCESS) to the Global Control Options

2) The AUDIT attribute on an acid. Example: TSS ADD(acid) AUDIT

3) Add the resource in the AUDIT record. Example: TSS ADD(AUDIT) DSN(ABCD)

4) Put ACTION(AUDIT) on a TSS PERMIT command. Example: TSS PERMIT(acid) DSN(ABCD) ACTION(AUDIT)

5) Put the AUDIT attribute on a facility. Example: TSS MODIFY FAC(CICSPROD=AUDIT).

6) Put ACTION(AUDIT) for an ADD(acid) FAC(fac) Example: TSS ADD(ALL) FAC(fac) ACTION(AUDIT)

If Resource is already PERMITTED to ACID without ACTION(AUDIT) you will need to:
Remove the entry you have and then permit back on to
the ACID with ACTION(AUDIT) 
 Then run TSSUTIL with REPORT EVENT(AUDIT) dsn(sys1) and
 it will report on all accesses to it.