Keywords › AUDIT Keyword—ACID Activity

AUDIT Keyword—ACID Activity

Valid on z/OS, z/VSE, and z/VM.

Use the AUDIT keyword to allow an audit of ACID activity.

Note: AUDIT is a reserved ACID name.

When used with a permission, this keyword has the following format:

TSS ADDTO(acid) AUDIT

Capacity of list

One to five resource names per CA Top Secret command.

When used as a reserved ACID, this keyword has the following format:

TSS ADDTO(AUDIT) resource class(resource name)
                 [ACCESS(level1, level2, …)]

Notes:

• Any masking character in a resource name added to the AUDIT Record is treated as a literal. For this reason resource names containing masks should not be added to the AUDIT Record.
• A resource defined to the AUDIT record cannot exceed 64 characters.
• ACCESS(NONE) is ignored. If access is not specified, ACCESS(ALL) is assumed.
• If the resource class in the RDT has the default GENERIC attribute, to audit only the non-generic resource name enclose the resource name in apostrophes with a trailing space.

This keyword is used with:

• The commands ADDTO, CREATE, and REMOVE
• The ACID types User, Profile, DCA, VCA, ZCA, LSCA, SCA, and MSCA
• ACID(AUDIT) authority to ADDTO or REMOVE the AUDIT attribute from ACIDs within their scope
• RESOURCE‑AUDIT authority when using AUDIT as a reserved ACID name

Examples: AUDIT keyword

This example adds the audit attribute to an user01. Any actions performed by user01 are recorded in the Audit file for further review.

TSS ADD(user01) AUDIT

This example removes the AUDIT attribute from USER01:

TSS REMOVE(USER01) AUDIT

In this example, the program "LIST" is audited, but the program "LISTA" is not audited:

TSS ADD(AUDIT) PROGRAM('LIST ')

This example allows user02 to administer the audit attribute for ACIDs within his scope.

TSS ADMIN(user02) RESOURCE(AUDIT)

This example allows any activity for the specified resource class to be audited:

TSS ADD(AUDIT) resource class(resourcename)