Configuring a Region › Audit Region Activities

Previous Topic: System Parameters

Next Topic: Capture Messages Not Handled by Rules

Audit Region Activities

Auditing lets you store selected region activities as System Management Facility (SMF) records. You can then extract those records using your own reporting tool. You can also write audit events as messages to your product region’s activity log. The logged messages have IDs from NMAU0111 to NMAU0116. When auditing is enabled, the region automatically audits activities such as suppression of messages and updates to definitions in the knowledge base. You can add site-specific auditing using the $NMAUAPI Audit API.

Note: For information about the Audit API and SMF records, see the Reference Guide.

To audit region activities, you must enable it through the AUDIT parameter group. The group lets you specify if you want to store the activities as SMF records, log the audit events, or both. If you want to create SMF records, you must also ensure that an ID for SMF records with subtypes is specified in the SMF parameter group.

To enable auditing of region activities

  1. Enter the /PARMS panel shortcut.

    The Parameter Groups panel appears.

  2. If you want to generate audit events as SMF records, get a unique SMF record ID in the range 128 to 255 from your systems programmer and then enter FIND SMF to locate the SMF parameter group.
    1. Enter U beside the group.

      The group opens for updating.

    2. Specify the assigned ID in the SMF Record Identifier (Subtyped) field, and press F6 (Action).

      The ID is defined for audit event records.

    3. Press F3 (File).

      The group is updated with the changes.

  3. Enter FIND AUDIT.

    The cursor locates the AUDIT parameter group.

    1. Enter U beside the group.

      The group opens for updating.

    2. Specify the auditing requirements for the following types of events:
      • ACCESS lets you audit security activities.
      • APPLICATION lets you audit activities generated by your applications.
      • CONFIGURATION lets you audit changes to definitions.
      • PROCEDURAL lets you audit actions performed at monitors.
      • SERVICEABILITY lets you audit changes in status of monitored resources.
      • UTILIZATION lets you gather statistics on the audited activities. You can customize the frequency and time by which the statistics are gathered.

      Your region does not generate audit events of the ACCESS and APPLICATION types. However, you can use the API to generate those events.

      Note: For more information about event types and audited objects, see the online help.

      Press F6 (Action).

      The region starts to audit the specified activities and create the specified records (SMF, log, or both).

    3. Press F3 (File).

      The group is updated with the changes.