We have Web Viewer V14.0 installed in our RACF environment and have found end users are recording significant numbers of violations against the FACILITY class profile BPX.SMF when they interact with reports in Web Viewer.

The documentation (RACF Security Requirements (broadcom.com)) says ‘If you want Web Viewer to create SMF records to monitor usage, appropriate security permissions are required for the IBM BPX1SMF service. Both the Web Viewer application server and the logged in user must have permission to the BPX.SMF resource profile in the FACILITY class.’

At this stage we have no requirement for Web Viewer to create the SMF logs and do not wish to grant FACILITY BPX.SMF access to all the IDs using the Web Viewer tool. Can you advise if there is something in the configuration that we can change that would stop the BPX.SMF requests being made?

Output Management Web Viewer™ for z/OS 14.0

View tasks have SMFTYPE set to 245. So, for those databases we will be producing SMF records in all environments. If you do not want SMF records, then run SARINIT, setting SMFTYPE=0. If you just don’t want SMF records written for Web Viewer, you will have to customize the SARSMFUX user exit to not write the SMF records in that environment. The only other option is to permit BPX.SMF for the Web Viewer users.