No CA Top Secret Security Violations Message Are Being Logged
search cancel

No CA Top Secret Security Violations Message Are Being Logged

book

Article ID: 54499

calendar_today

Updated On:

Products

Cleanup Datacom DATACOM - AD CIS COMMON SERVICES FOR Z/OS 90S SERVICES DATABASE MANAGEMENT SOLUTIONS FOR DB2 FOR Z/OS COMMON PRODUCT SERVICES COMPONENT Common Services CA ECOMETER SERVER COMPONENT FOC Easytrieve Report Generator for Common Services INFOCAI MAINTENANCE IPC UNICENTER JCLCHECK COMMON COMPONENT Mainframe VM Product Manager CHORUS SOFTWARE MANAGER CA ON DEMAND PORTAL CA Service Desk Manager - Unified Self Service PAM CLIENT FOR LINUX ON MAINFRAME MAINFRAME CONNECTOR FOR LINUX ON MAINFRAME GRAPHICAL MANAGEMENT INTERFACE WEB ADMINISTRATOR FOR TOP SECRET Xpertware Top Secret Top Secret - LDAP Top Secret - VSE

Issue/Introduction

Description

No CA Top Secret security violations are being logged to the console, when unauthorized access to a CA Top Secret protected resource is attempted.

Solution

CA Top Secret Control Option "LOG(NONE)" is specified globally or on the FACILITY level.

The LOG control option should be changed to meet your sites security requirements, policies and standards.

The LOG control option:

  • Identifies the types of events that CA Top Secret logs

  • Specifies whether the events are logged onto the ATF (Audit Tracking File) and/or onto the SMF files (System Management Facility)

  • Specifies if the violation message is displayed

The LOG option affects all facilities. A Global LOG command can be overridden by a LOG operand entered as a suboption for a specific facility.

This control option has the following format: 

    LOG(ACTIVITY,ACCESS, SMF , SEC9 , INIT , MSG )|(NONE)|(ALL)

NONE

Deactivates all SMF and ATF logging, except for violations and audited events to the ATF.

If the user facility is in DORMANT mode, no logging takes place unless the resource permitted is specified with ACTION(FAIL).

ACTIVITY

Logs all activity for all facilities to the SMF. This is the same as specifying: 

     LOG(ACCESS,INIT)

SMF

Events are written to the SMF file in addition to the ATF if applicable.

ACCESS

Logs all resource access, except for the following:

  • DBD

  • FCT

  • JCT

  • LCF

  • OTRAN

  • PPT

  • PROGRAM

  • PSB

SEC9

Routes violation summary messages to the security console via route code 9:

  • TSS7100E

  • TSS7220E

  • TSS7200E

  • TSS7250E

INIT

Logs all job/session initiations and terminations.

MSG

Violation messages are displayed for batch jobs, started tasks, or at the online user's terminal.

For users in FAIL mode, violation messages will always appear. Password violations also appear.

ALL

Selects all log options for all facilities.

The default is LOG(SMF,INIT, SEC9, MSG).

Please refer to the CA Top Secret Control Option Guide for more details about the LOG control option.

Environment

Release:
Component: AWAGNT
Powered by Wolken Software