Description:

Health Checker warnings for CA 1.

Solution:

The document will help you navigate and understand the CA 1 Health Checker.

Requirements for CA 1 Health Checker

The CA Health Checker common service provides a simple and consistent method for CA products to create health checks to run under the IBM Health Checker for z/OS. The IBM Health Checker for z/OS allows you to identify potential problems in your z/OS environment by checking system or product parameters and system status against recommended settings. CA has joined other vendors in creating checks for CA z/OS products.

To take advantage of this feature, you must have the following components configured and running on your system:

• Operating system must be z/OS 1.8 or higher.
  
  
• IBM Health Checker for z/OS must be active. This is distributed with every supported level of z/OS.
  
  
• CA Health Checker Common Service FMID CEF5C00 must be installed. This is available with post r11 SP8 apar RO05819. Two other pibs that should be reviewed are RI05071 and RI05073.
  
  
• CTSHCK subtask of the Common Tape System (CTS) address space must be active. This is available with CA 1 R11.5 SP5 Genlevel 0904 or by applying RO04520.

The following are the 15 new Health Checkers added to CA1:

1. CA1_AUDIT_VRFY_WITHIN_LOW_THRSH: This check is intended to provide the first alert that the Audit file may be filling up.
   
   
2. CA1_AUDIT_VRFY_WITHIN_MED_THRSH: This is the secondary check to monitor space in the CA1 Audit file. This check is triggered because no steps were taken after an exception was raised by the low check that space is running short in the Audit file.
   
   
3. CA1_FREE_DSNB_LOW_THRSH: This option is the first low threshold check to provide early notification that DSNBs are being used up.
   
   
4. CA1_FREE_DSNB_MEDIUM_THRSH: This check is the secondary medium threshold check to alert users that they may be running short on free (unused) DSNB records in the TMC.
   
   
5. CA1_FREE_DSNB_QUICK_SCAN: This check inspects the first n number of DSNBs in the free DSNB chain (knows as the SCANLIMIT) to ensure that none of them are found to be in use.
   
   
6. CA1_TMC_AUDIT_PLACEMENT: This check is to ensure that the CA 1 TMC and Audit data sets are placed on different volumes.
   
   
7. CA1_USED_DSNB_FREE_CHAIN: This check scans the entire free chain to verify that there are no used DSNBs in the free chain.
   
   
8. CA1_VRFY_MIXED_EXPDT_OPTION: This check verifies the setting of the option MIXEXP. It is recommended to have MIXEXP=DISALLOW or WARN. This should be researched so that tapes are not expired prior to when expected.
   
   
9. CA1_VRFY_MIXED_GDG_OPTION: This check verifies the setting of the MIXGDG option. It is recommended that it be set to Y so that when generation data groups (GDGs) that include both disk and tape data sets in the same GDG expire correctly.
   
   
10. CA1_VRFY_OPTION_DCHG: This check identifies possible problems associated with dynamic label change processing based on the CA 1 system option DCHG.
    
    
11. CA1_VRFY_OPTION_LCHG: This check identifies possible problems associated with changing a label type based on the CA 1 system option LCHG.
    
    
12. CA1_VRFY_OPTION_TCHG: This check identifies possible problems associated with changing the dynamic tape recording technique based on the CA 1 system option TCHG.
    
    
13. CA1_VRFY_SECURITY_EXIT_FUNC: This check is provided to warn users that basic security setup has not been performed to protect their assets on tape. This exposure is associated with the setting o f the CA 1 system option FUNC, which controls the security checking to be done in the real-time nonresident (foreign) and label processing areas.
    
    
14. CA1_VRFY_SECURITY_EXIT_PSWD: This check raises an exception when it finds that security has not been set up for the CA 1 ISPF panels.
    
    
15. CA1_VRFY_SECURITY_EXIT_YSVC: This check verifies that access to the TMC is protected by the setting of the CA 1 system options YSVC and BATCH and rules in the external security system.

If any exceptions are encountered then one of the following will be issued:

• TMSH0011E Your CA 1 security options allow unauthorized users to access privileged tape data that they would otherwise be unable to access. Any user specifying EXPDT=98000 can access any tape and read or update it.
  
  
• TMSH0021E Your CA 1 security options allow unauthorized users to update your Tape Management Catalog (TMC) using the YSVC services of CA 1. Any user can access and update any record in the TMC.
  
  
• TMSH0031E Your CA 1 Tape Management Catalog (TMC) and your Audit file are on the same volume.
  
  
• TMSH0041E Current DSNBs usage of xx%, is over the medium threshold of xx%.
  
  
• TMSH0051E Your CA 1 security options allow unauthorized users access to the CA 1 ISPF online system passwords. Anyone with access to the CA 1 ISPF interface may be able to access the TMC.
  
  
• TMSH0061E Your CA 1 free DSNB chain has one or more used DSNBs in the chain. Once the first of these used DSNBs has reached the top of the free DSNB chain, any attempt to create a secondary file will result in a 3YY-112 abend.
  
  
• TMSH0071E Your CA 1 option MIXGDG is set to 'NO' and OCTLG is set to 'NO'. Generation datasets created on mixed devices may result in CA 1 not recognizing that a GDG(+1) on DASD has caused the roll off of a tape generation thus preventing CA 1 from expiring generation datasets accordingly.
  
  
• TMSH0081E Your CA 1 option MIXEXP is not set to WARNING or DISALLOW. Mixing expiration dates during the creation of secondary files on a single or multi-volume dataset(s) may result in premature scratching of volume(s).
  
  
• TMSH0091E Current Audit usage of xx%, is over the medium threshold of xx%.
  
  
• TMSH0101E Current Audit usage of xx%, is over the low threshold of yy%.
  
  
• TMSH0111E Current DSNBs usage of xx%, is over the low threshold of xx%.
  
  
• TMSH0121E One or more used DSNBs were found within the first nnnn DSNBs in the free chain. Once the first of these used DSNBs has reached the top of the free DSNB chain, any attempt to create a secondary file will result in a 3YY-112 abend.
  
  
• TMSH0131E Your CA 1 realtime processing options disallow dynamic density change. Any attempt to change the density or compaction mode of a scratch tape when opening it for output will fail.
  
  
• TMSH0141E Your CA 1 realtime processing options disallow dynamic label change. Any attempt to change the label type of a scratch tape when opening it for output will fail.
  
  
• TMSH0151E Your CA 1 realtime processing options disallow dynamic tape recording technique change. Any attempt to change the recording technique of a scratch tape when opening it for output will fail.
  
  
• TMSH102E #HCHECK FUNCTION=CHK-MSG failed RC=xxxx with R0=xxxx
  
  These messages are documented in the CA 1 Message Guide.

CA 1 has set up default values based on best practices and recommendations. These values can be modified to meet your environment's needs by either:

• Specifying desired defaults on the POLICY statement in the HZSPRMxx member of Parmlib.

Or

• By using the MODIFY command to pass the desired parameters to the IBM Health Checker for z/OS started task

Some helpful manuals are:

• IBM Health Checker for z/OS User's Guide.
  
  
• CA 1 Administrator and Operator Guide.
  
  
  • Chapter 10, 11 and Appendix A.
    
    
• CA 1 Message Guide.

The CA1 Health Checker task is documented in Chapter 10 of the Administrator and Operator Guide.