Previous Topic: Printer FormatNext Topic: Reading IUCV and VMCF Loggings

Running the Resource Event Log (RV)Sample ReportReading the Reports

Reading the Reports

REQUESTED RESOURCE

The resource the user requested.

REC

A three‑character code indicating whether this is a logging (LOG), violation (VIO), or trace (TRC) record. Violation records are highlighted with an asterisk (*) before the field.

LOOKUP KEY

The name of the resource rule set that validated the request.

UID

The requester’s user identification string.

SOURCE

The logical input source where the access request was made.

CPU

The name of the CPU that validated the resource request.

DISP

The reason why the logging occurred. Valid entries are:

NO‑REC

CA ACF2 for z/VM found no record matching the rulekey in the CA ACF2 for z/VM Rule database

NO‑RULE

CA ACF2 for z/VM found no rule matching the environment of the request

RULE

CA ACF2 for z/VM found a resource rule that determined the access or prevention.

DSP‑MOD

The exits and conditions that affected the validation. This field details:

NON‑CNCL

The requesting logonid was noncancelable. CA ACF2 for z/VM allowed the request.

SEC‑OFF

The requesting logonid was a security officer. CA ACF2 for z/VM allowed the request.

ABORT

CA ACF2 for z/VM unconditionally aborted the request.

KEY‑MOD

CA ACF2 for z/VM modified the resource name to perform its database lookup operations. This field indicates what resource validation component modified the key.

SERV

The type of service request. Possible values are:

READ

The access request was for read only

ADD

The access request was to add new records to an existing file

DEL

The access request was to delete existing records

UPDT

The access request was to modify existing records.

DATE

The date (in julian and gregorian formats) the access request was made.

TIME

The time the access request was made.

JNAME

The VM user ID of the virtual machine where the user was logged on or attempted the access. For logons of group machines, this is the group ID. For AUTOLOG commands, this is the machine to be autologged. For DIAL commands, this is the machine specified by the DIAL command. JOBMASK selects on this field.

LID

The logonid of the user who attempted the action. For logons of group machines, this is the group user. For autologs, this is the user ID of the machine that issued the AUTOLOG command. For DIAL, this is the logonid entered to identify the user. MASK selects on this field.

NAME

The user’s name associated with the logonid.

PRE

The return code from the prevalidation exit. CA ACF2 for z/VM does not have a resource prevalidation exit. We provide this field in case you run OS/390 SMF data into the ACFRPTRV report program.

Possible return codes are:
0

Continue normal processing

4

Logonid not found

8

Allow and log the request

12

Allow the request and reverify the password

16

Allow but log the request and reverify the password

20

Prevent the request.

RMC

The return code from the CA ACF2 for z/VM resource record manager. Possible return codes are:

  • 9-Record was already resident
  • 4-I/O needed to obtain record
  • 8-Record not found.
INT

The return code from the resource rule interpreter. Possible values are listed below.

0

Allow the request

4

Allow, but log the request

8

Allow the request and reverify the password

12

Allow the access, log the request, and reverify the password

16

Prevent the access

20

No rule applies

24

Rule record is not in proper format

28

Resource record was not found in the resident cache.

PST

The return code from the postvalidation exit. CA ACF2 for z/VM does not have a resource postvalidation exit. We provide this field in case you run OS/390 SMF data into the ACFRPTRV report program.

Possible return codes are listed below.

0

Continue normal processing

4

Allow the request

8

Allow and log the request

12

Allow the request and reverify the password

16

Allow but log the request and reverify the password

20

Prevent the request

FIN

The final return code from the CA ACF2 for z/VM resource validation function. Possible values are listed below.

0

Allow the access

4

Allow but log the access

8

Allow the access and reverify the password

12

Allow and log the access and reverify the password

16

Prevent the access

RESOURCE NAME

The resource name used during validation. This field can show up to a maximum of 256 characters.

NEXTKEYS ENCOUNTERED ON VALIDATION PATH

The NEXTKEY parameters that CA ACF2 for z/VM used to find the matching rule entry. The rule that prevented or allowed the access is also shown in the resource violation LOOKUP KEY field. If the reason for a prevent was no record found, the last entry in this table indicates the rule set record that CA ACF2 for z/VM could not locate.