Why am I getting many SMF 231 records being recorded for event with RC=0 on the SMF dataset?
search cancel

Why am I getting many SMF 231 records being recorded for event with RC=0 on the SMF dataset?

book

Article ID: 38256

calendar_today

Updated On:

Products

Top Secret Top Secret - LDAP

Issue/Introduction

Question:

Why am I getting many SMF 231 records being recorded for security events with RC=0 on the SMF dataset?

Answer: 

Any ACID with TRACE or AUDIT attribute will cause all Unix System Services security event to be logged for the ACID.

The CA Top Secret OMVS trace will also cause security events with RC=0 to be logged to the SMF dataset.

Issue a 'ST DEL,ID=ALL,END' to turn off all CA Top Secret OMVS traces.

 

Environment

Release: TOPSEC00200-15-Top Secret-Security
Component:
Powered by Wolken Software