What are common questions/documentation needed to debug a Top Secret problem?

Product: Top Secret

The following is a list of what information to find out before calling support:

1. When did the problem start?
2. Did this ever work before?
3. What changed?
4. What genlevel of TSS?
5. What genlevel of Common Services (if problem is CICS or CPF related)?
6. Is the problem re-creatable? If yes, how?
7. If the problem is in CICS, find out if you get all the phase messages at startup. Also, what release of CICS and what mode?
8. Is the problem happening for 1 user or all users?
9. If there is an error message, what is the message id and text?
10. If there is an abend, what is the abend code, module, and offset?

If the problem is a security violation, a TSSUTIL report should be run.  

If a dump of the TSS address space is needed, issue TSS MODI SVCDUMP.

If a console dump is needed, use the following command from the console:
DUMP COMM=region to be dumped
R nn,JOBNAME=jobname,SDATA=(ALLNUC,CSA,LPA,NUC,PSA,RGN,SQA,SUM,SWA,TRT),END

If a slip trap needs to be set to capture an SVC dump for an abend, use the following command from the console:
SLIP SET,C=nnn,ID=TSS,J=jobname,A=SVCD,ML=1,END
Where 'nnn' is the abend code (ie 0C4 for S0C4 abend)

If a DIAGTRAP dump is needed  use:
TSS MODIFY DIAGTRAP(1,ON,KER,acid,decimaldrc,resclass,jobname,matchlim)
DIAGTRAP should be used only under the
direction of CA TSS support.
To turn off the DIAGTRAP, issue TSS MODIFY DIAGTRAP(ALL,DEL).

If a security trace of a user is needed, use the following commands:
TSS ADD(user) TRACE (if the user is signed on, he will need to either signoff and back on or a
TSS REFRESH(user) JOBNAME(*) needs to be issued.
TSS MODI SECTRACE(ACT,WTL)
Recreate problem
TSS MODI SECTRACE(OFF)
TSS REM(user) TRACE

If a security trace of a facility is needed, use the following commands:
TSS MODI FAC(fac=TRACE)
TSS MODI SECTRACE(ACT,WTL)
Recreate problem
TSS MODI SECTRACE(OFF)
TSS MODI FAC(fac=NOTRACE)

A facility trace traces all activity in that facility, so to keep the output to a minimum, please do not activate the trace until just before you're going to recreate the problem and turn off the trace right after you've recreated it.

If the problem is an OMVS problem, one or more of the following may be needed:
An OMVS trace:
ST SET,ID=xxx,TYPE=OMVS,FUNC=ALL,TRACE=AFTER,END

A SAF trace:
ST SET,ID=yyy,FORMAT=DUMP,DEST=SYSLOG,MATCHLIM=0,TRACE=AFTER,END

A TSSOERPT, which is documented in Report and Tracking of the Top Secret User's Guide 

The ST commands above should be issued from the console. Do not issue them until just before you're going to recreate the problem. To activate the traces, issue ST ENABLE,ID=ALL and to turn them off, issue ST DISABLE,ID=ALL. All output for the traces should go to the SYSLOG.

You can email the output to [email protected] and in the subject field, put case number as {Case#nnnnnnn} ##

If the problem is in CICS, an auxtrace may be needed.
CICS auxtrace for events in CICS. The client's CICS person should know how to do this.
When running the auxtrace, issue TSEU=TRACE=ON (for CICS 4.1 and above) from native CICS so the security events are written in with the auxtrace records.

If DIAGTRAP is needed, turn on DIAGTRAP first, then auxtrace, then turn off DIAGTRAP last.

Make sure CICS internal trace table > 3000 entries

Auxtrace with TSEU=TRACE=ON
---------------------------
1) Start auxtrace to disk
2) From native CICS, issue TSEU=TRACE=ON
3) reproduce problem
4) Stop auxtrace
5) TSEU=TRACE=OFF

TSS MODI DIAGTRAP(ALL,DEL)