How can the ACFRPTRV report showing a violation be used to write a rule in ACF2?

book

Article ID: 185789

calendar_today

Updated On:

Products

CA ACF2 CA ACF2 - DB2 Option CA ACF2 for zVM CA ACF2 - z/OS CA ACF2 - MISC CA LDAP Server for z/OS CA PAM Client for Linux for zSeries CA Web Administrator for Top Secret

Issue/Introduction

The ACFRPTRV report picks up this violation: 

 RLOG-LGRPPPS.CA7.CA7Q                           *VIO  RLOG-LGRPPPS                               
 STC          CALOGGER    STCINRDR EPRD ACF9CAUT NO-REC     -     DIRECTRY UPDT
 20.064 03/04 10.01    CALOGGER CALOGGER STC CALOGGER           0   0  20   0  16
 SAF RESOURCE CLASS LOGSTRM
  
 RESOURCE NAME: LGRPPPS.CA7.CA7Q

How should a rule be written?

Environment

Release : 16.0

Component : CA ACF2 for z/OS

Resolution

The rule would look like this:

$KEY(LGRPPPS) TYPE(LOG)
CA7.CA7Q UID(STC**********CALOGGER) SERVICE(READ UPDATE) ALLOW

Then you would restart the STC (or address space) for the new rule to take effect.