TSSUTIL does not list TABLESPACE Event
Since there are No TSS/DB2 and Native DB2 security is used, VSAM creation by STC DBM1 should be recorded.
Are there ways to check if security call is passed by the STC ?
Release : 16.0
Component : Top Secret for z/OS
SECTARCE and SAFTRACE should be checked.
SECTARCE:
1) TSS ADD(DBM1 acid) TRACE
2) TSS MODI(SECTRACE(ACT,WTL))
3) Create TABLESPACE
4) TSS MODI(SECTRACE(OFF))
5) TSS REM(DBM1 acid) TRACE
SAFTARCE:
1) Allocate PS dataset with LRECL=133 FB
2) Enter following command to setup SAFTRACE from console
ST SET,ID=TSS1,TYPE=SAF,JOBNAME=DB2EDBM1,DEST=DATASET,DSN=ps-dataset,FORMAT=DUMP,TRACE=ALL,END
3) Create TABLESPACE
4) Enter following command to delete SAFTRACE from console
ST DEL,ID=ALL
If there are no records in the SECTRACE that usually means no RACROUTE was issued.
If no RACROUTE is issued by the application or z/OS then Top Secret can't stop unauthorized access and audit the event.