ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.

ACCESS(UPDATE) For Datasets In The Top Secret Audit Tracking File Logs READ And UPDATE

book

Article ID: 186415

calendar_today

Updated On:

Products

Top Secret

Issue/Introduction

In order to activate AUDIT for only updates to a data set, the following was added to the AUDIT ACID:

ACCESSORID = *AUDIT*   NAME       = RESOURCE-AUDITING
TYPE       = GLOBAL    SIZE       =      256  BYTES
CREATED    = 10/26/87  00:00  LAST MOD   = 03/12/20  11:22
DATASET    = 'SYS1.PARMLIB'
   ACCESS  = UPDATE

TSS0300I  LIST     FUNCTION SUCCESSFUL

The TSSUTIL report shows the audit for READ accesses in addition to the UPDATE accesses.

Environment

Release : 16.0

Component : CA Top Secret for z/OS

Resolution

Because UPDATE access implies READ access for datasets, ACCESS=UPDATE in the AUDIT record for a dataset will also audit the successful attempts to read the dataset. Since the access level for an actual 'update' is a WRITE, using ACCESS(WRITE) instead of ACCESS(UPDATE) in the AUDIT record should only audit the update accesses, not the read accesses. 

TSS ADD(AUDIT) DSN('SYS1.PARMLIB') ACCESS(WRITE)