How can the ACFRPTRV report showing a violation be used to write a rule in ACF2?
Article ID: 185789
Updated On:
Products
CA ACF2
CA ACF2 - DB2 Option
CA ACF2 for zVM
CA ACF2 - z/OS
CA ACF2 - MISC
CA LDAP Server for z/OS
CA PAM Client for Linux for zSeries
CA Web Administrator for Top Secret
Issue/Introduction
The ACFRPTRV report picks up this violation:
RLOG-LGRPPPS.CA7.CA7Q *VIO RLOG-LGRPPPS
STC CALOGGER STCINRDR EPRD ACF9CAUT NO-REC - DIRECTRY UPDT
20.064 03/04 10.01 CALOGGER CALOGGER STC CALOGGER 0 0 20 0 16
SAF RESOURCE CLASS LOGSTRM
RESOURCE NAME: LGRPPPS.CA7.CA7Q
How should a rule be written?
Environment
Release : 16.0
Component : CA ACF2 for z/OS
Resolution
The rule would look like this:
$KEY(LGRPPPS) TYPE(LOG)
CA7.CA7Q UID(STC**********CALOGGER) SERVICE(READ UPDATE) ALLOW
Then you would restart the STC (or address space) for the new rule to take effect.
$KEY(LGRPPPS) TYPE(LOG)
CA7.CA7Q UID(STC**********CALOGGER) SERVICE(READ UPDATE) ALLOW
Then you would restart the STC (or address space) for the new rule to take effect.
Feedback
Yes
No
Powered by
