Configuring Your Product › Customize the Central Parameter File › ETAOPTNS Member—CA Audit Event Support

ETAOPTNS Member—CA Audit Event Support

The ETAOPTNS member contains the following parameters:

ETAUDIT= [ALLOW|PREVENT|SAF]

Use this parameter to specify the authorization required to issue CA Audit events by using the EVENTS ON command:

ALLOW

Lets all users issue events.

PREVENT

(Default) Forbids all users from issuing events.

SAF

Causes CA Auditor to issue a SAF authorization call whenever an attempt is made to issue an event. The SAF call has a class of CAEXAMIN and one of the following entity names:

• ETAUDIT.TEST-For test events generated through the use of DEBUG flag 16.
• ETAUDIT.BATCH-For other events issued in batch jobs.
• ETAUDIT.TSO-For other events issued from a TSO session.

The access type is read.

LOGUSE=[NONE|BATCH|TSO|ALL]

Use this parameter to specify whether an CA Audit event is issued when a user enters or leaves CA Auditor. This can be used to track the use of CA Auditor.

NONE

(Default) Suppress logging.

BATCH

Log only batch use.

TSO

Log only TSO use.

ALL

Log both batch and TSO use.

Because these logged CA Audit events are not initiated by the user, a SAF authorization call is not performed for them, even if ETAUDIT=SAF is specified.

To include comments in the member, put an asterisk (*) in column one of the comment line.