Determining type of access and allowed via ACF2 SMF violation record for dataset and resource access
Article ID: 216530
Updated On:
Products
Issue/Introduction
Generating dataset and resource violation reports from formatted SMF records.
What fields should be looked at to find access requested and access permissions.
Environment
Release : 16.0
Component : CA ACF2 for z/OS
Resolution
For resource validations, these are the fields that provide requested access.
for resource validations in smf record ACFSMFVX inCAX1MAC0.
ACVMFLGS DS X INPUT FLAGS
ACVMFARD EQU X'20' READ REQUEST
ACVMFADD EQU X'10' ADD REQUEST
ACVMFDEL EQU X'08' DELETE REQUEST
ACVMFUPT EQU X'04' UPDATE REQUEST
*
ACVMFLG2 DS X Information flag 3
ACVMFAEX EQU X'80' ...EXECUTE request
These fields provide record type info for resource validations.
ACVMFTF DS X MODE FLAG
ACVMFTFT EQU 0 TRACE RECORD
ACVMFTFL EQU 1 LOGGING RECORD
ACVMFTFV EQU 2 VIOLATION RECORD
The value of each bit in the referenced fields can be found in CAX1MAC0
member ACFSMFDX
Here are the relevant values....
example A$SLAPPL value=82 - this means A$SLARD (x'80') plus A$SLAEX (x'02') = 82 = READ ALLOW and EXEC ALLOW
A$SLAPPL DS XL1 ACCESS FLAGS
A$SLARD EQU X'80' READ ALLOW
A$SLARDL EQU X'40' READ ALLOW - LOG
A$SLAWT EQU X'20' WRITE ALLOW
A$SLAWTL EQU X'10' WRITE ALLOW- LOG
A$SLAAL EQU X'08' ALLOC ALLOW
A$SLAALL EQU X'04' ALLOC ALLOW- LOG
A$SLAEX EQU X'02' EXEC ALLOW
A$SLAEXL EQU X'01' EXEC ALLOW - LOG
example A$SSPAC1 value = 0F - this means A$SSPAOU (x'0F') = OUTPUT ACCESS requested
A$SSPAC1 DS XL1 ACCESS FLAGS
SPACE 1
A$SSPAIN EQU X'00' INPUT ACCESS
A$SSPARB EQU X'01' READBACK ACCESS
A$SSPAIO EQU X'03' IN/OUT ACCESS
A$SSPAUP EQU X'04' UPDATE ACCESS
A$SSPAOI EQU X'07' OUT/IN ACCESS
A$SSPAOU EQU X'0F' OUTPUT ACCESS
A$SSPAEX EQU X'70' EXEC ONLY ACCESS
Feedback
