CICS ACF2LOG statistics show a count of ACF2 Resource Violations that cannot be matched by inspection of the ACFRPTRV report nor the CICS joblog. What accounts for this difference?
Article ID: 186990
Updated On:
Products
Issue/Introduction
ACF2LOG statistics show a count of ACF2 Resource Violations that cannot be matched by inspection of the ACFRPTRV report nor the CICS joblog. What accounts for this difference?
ACFM FUNCTION SD/GENERAL -- GENERAL INTERACTION WITH THE HOST ACF2 SYSTEM
-------------------------------------------------------------------------
A) CURRENT USERS SIGNED ON . . . . . . . . . . . . . . . . . . 2
B) TOTAL CA ACF2 CICS SIGN ON ACTIONS . . . . . . . . . . . . . 6
C) TOTAL CA ACF2 CICS SIGNOFF ACTIONS . . . . . . . . . . . . . 4
D) TOTAL NUMBER OF TERMINAL TIMEOUT SCANS PERFORMED . . . . . . 0
E) NUMBER OF USERS SIGNED OFF DURING TIMEOUT SCANS . . . . . . 0
F) TOTAL ACF2 RESOURCE RULE INTERPRETS . . . . . . . . . . . . 308
G) TOTAL ACF2 RESOURCE VIOLATIONS DETECTED . . . . . . . . . . 147
H) TOTAL ACF2 DATASET RULE INTERPRETS . . . . . . . . . . . . . 0
I) TOTAL ACF2 SVC-A REQUESTS MADE . . . . . . . . . . . . . . . 2
Environment
Release : 16.0
Component : CA ACF2 for z/OS
Cause
Resolution
For example, one violation that is not normally logged is a RACROUTE AUTH or FASTAUTH call which specified LOG=NONE or LOG=NOFAIL or LOG=NOSTAT.
Also, any site code which uses the ACGRENT parameter list in calling the ACF2 SVC can result in multiple validations of access for just one SVC call.
Other violations that are counted by the ACF2LOG report will not be seen anywhere else unless you have TRACE set on the related LID.
Feedback
