Why am I getting many SMF 231 records being recorded for security events with RC=0 on the SMF dataset?
Any ACID with TRACE or AUDIT attribute will cause all Unix System Services security event to be logged for the ACID.
The CA Top Secret OMVS trace will also cause security events with RC=0 to be logged to the SMF dataset.
Issue a 'ST DEL,ID=ALL,END' to turn off all CA Top Secret OMVS traces.
Release: TOPSEC00200-15-Top Secret-Security