A job is failing with the following:

IXG507I LOGGER SUBSYSTEM (ssname) LOG STREAM EXIT NOT REGISTERED,
        DD=ddname EXIT=exitname FUNCTION={CONVERTER | ALLOCATION}

As of IBM APAR OA51174, to use an exit_routine_name, specified as SUBSYS=(LOGR,exit_routine_name,...), then you are required to define a RACF authorization profile in the FACILITY class to cover the resource:

IXGLOGR.SUBSYS.LSEXIT.exit_routine_name

where exit_routine_name identifies the name of the log stream subsystem exit routine.

Release : 16.0

Component : CA Top Secret for z/OS

The Top Secret equivalent of the RACF FACILITY class is IBMFAC. 

The text of IBM APAR OA51174 contains the following:

** IBM recommends you do one of the following:
  (a) Define a discrete profile
      IXGLOGR.SUBSYS.LSEXIT.exit_routine_name for the FACILITY
      class to cover the resource, where exit_routine_name
      identifies the name of the log stream subsystem exit
      routine.  This profile should audit all failures and
      allow all users READ access.
      For example:
       RDEFINE FACILITY  IXGLOGR.SUBSYS.LSEXIT.exit_routine_name
        UACC(READ) AUDIT(FAIL(READ))

  (b) If you choose to allow for exit_routine_names that may not
      be explicitly known to be used on your system, meaning you
      did not define explicit discrete profile(s) as described
      in step (a) above, then consider also defining a generic
      profile IXGLOGR.SUBSYS.LSEXIT.* for the FACILITY class to
      cover the resources associated with using these log stream
      subsystem exit routines. Include in this generic profile
      the WARNING attribute.

      For example:
   RDEFINE FACILITY  IXGLOGR.SUBSYS.LSEXIT.*  UACC(NONE) WARN

      When this generic profile is used to cover the
      authorization check for a resource
      IXGLOGR.SUBSYS.LSEXIT.exit_routine_name , if the check
      fails since WARNING has been specified, RACF will issue
      the appropriate warning message to the user, logs the
      access attempt, and allows the user to access the
      resource.

      This generic profile approach is recommended only as a
      temporary mechanism to gather information on the possible
      exit routine names that need to be supported, and once
      known you can then define the appropriate discrete
      profiles.  Once the known exit routine names are covered
      by discrete profiles, then delete the
      IXGLOGR.SUBSYS.LSEXIT.* generic profile.
**

The equivalents of these in Top Secret are:

a) TSS ADD(dept) IBMFAC(IXGLOGR.)    (if not already owned)
TSS PERMIT(ALL) IBMFAC(IXGLOGR.SUBSYS.LSEXIT.exit_routine_name) ACCESS(READ) ACTION(AUDIT)

Where ‘dept’ is the department acid you want to own the resource

b) TSS ADD(dept) IBMFAC(IXGLOGR.)    (if not already owned)
TSS PERMIT(ALL) IBMFAC(IXGLOGR.SUBSYS.LSEXIT.) ACCESS(READ) ACTION(AUDIT)

Where ‘dept’ is the department acid you want to own the resource

ACTION(AUDIT) will cut an OK+A record when this permit is used to allow access. You can run TSSUTIL with the following REPORT statement to see these events:

REPORT EVENT(AUDTA) RESCLASS(IBMFAC) RESOURCE(IXGLOGR.SUBSYS.LSEXIT.)

You can then permit the IBMFAC(IXGLOGR.SUBSYS.LSEXIT.exit_routine_name) resources as appropriate. Once you feel comfortable, you can revoke the permit in the ALL record:

TSS REVOKE(ALL) IBMFAC(IXGLOGR.SUBSYS.LSEXIT.)