No Top Secret Security Violations Message Logged
search cancel

No Top Secret Security Violations Message Logged

book

Article ID: 54499

calendar_today

Updated On:

Products

Top Secret

Issue/Introduction

When an unauthorized access to a Top Secret protected resource is attempted, no Top Secret security violation is logged to the console.

Resolution

Top Secret Control Option "LOG(NONE)" was specified globally or on the FACILITY level.

The LOG control option should be changed to meet your sites security requirements, policies and standards.

The LOG control option:

  • Identifies the types of events that Top Secret logs.

  • Specifies whether the events are logged onto the ATF (Audit Tracking File) and/or onto the SMF files (System Management Facility).

  • Specifies if the violation message is displayed.

The LOG option affects all facilities. A Global LOG command can be overridden by a LOG operand entered as a sub option for a specific facility.

This control option has the following format:

    LOG(ACTIVITY,ACCESS, SMF , SEC9 , INIT , MSG )|(NONE)|(ALL) 

NONE

Deactivates all SMF and ATF logging, except for violations and audited events to the ATF.

If the user facility is in DORMANT mode, no logging takes place unless the resource permitted is specified with ACTION(FAIL).

ACTIVITY

Logs all activity for all facilities to the SMF. This is the same as specifying:

     LOG(ACCESS,INIT) 

SMF

Events are written to the SMF file in addition to the ATF if applicable.

ACCESS

Logs all resource access, except for the following:

  • DBD

  • FCT

  • JCT

  • LCF

  • OTRAN

  • PPT

  • PROGRAM

  • PSB

SEC9

Routes violation summary messages to the security console via route code 9:

  • TSS7100E

  • TSS7220E

  • TSS7200E

  • TSS7250E

INIT

Logs all job/session initiations and terminations.

MSG

Violation messages are displayed for batch jobs, started tasks, or at the online user's terminal.

For users in FAIL mode, violation messages will always appear. Password violations also appear.

ALL

Selects all log options for all facilities.

The default is LOG(SMF,INIT, SEC9, MSG).