|
|
|
Often, APF‑authorized program products use the SVCUPDTE macro to implant intercepts that modify or enhance the operation of standard z/OS system services, such as OPEN and WTO. The data center can review the SVC update recording table to determine if these intercepts are really present, whether several products intercept the same service and possibly interfere with each other, and moreover, to assess the overall integrity of crucial operating system components. However, APF‑authorized programs can update the SVC table directly without using SVCUPDTE and without generating the corresponding SVC update recording entry. We recommend that you review the SVC update recording table at the same time that you review the SVC table.
You can analyze significant entries in the SVC update recording table with the SVC Journal Analysis Option (3.7.4). This option is on the SVC Analysis menu. If this option is selected on a z/OS system that does not include the SVC update recording feature, CA Auditor displays a message, and no analysis is performed.
| Copyright © 2009 CA. All rights reserved. | Tell Technical Publications how we can improve this information |