Sample TSSAUDIT Listing of Changes

TSSAUDIT Utility › Sample TSSAUDIT Listings › Sample TSSAUDIT Listing of Changes

Sample TSSAUDIT Listing of Changes

A sample listing of changes is as follows:

CHANGES CA(acid) DATE(‑nn)
V9.0          AUDIT UTILITY                        10/30/02   08:03:36     PAGE 001
+                                               _____________
 
  INCOMING PARAMETER ===>      CHANGES CA(KORDI01) DATE(‑01)
V9.0          AUDIT UTILITY                        10/30/00   08:03:36     PAGE 002
+                                               _____________
‑             ‑‑‑‑‑ LISTING OF CHANGES TO SECURITY FILE ‑‑‑‑‑
   
CHANGER    DATE     TIME   SYSID TYPE                      COMMAND/IMAGE
======= ======== ======== ===== ==== ===================================

KORDI01 02/14/14 10:23:46 XE14 CMND TSS CREATE(TEDMON) DEPT(QADEPT1) TYPE(USER) NAME('TED MON')
KORDI01 02/14/14 10:24:42 XE14 CMND TSS ADD(MASTER) DSN(PAY)
KORDI01 02/14/14 10:25:12 XE14 CMND TSS PER(TEDMON) DSN(PAY.MSTR) LIB(SYS1.UTY) PRI(PAY60)
KORDI01 02/14/14 10:30:11 XE14 CMND TSS REVOKE(TEDMON) DSN(PAY.MSTR)
KORDI01 02/14/14 10:31:48 XE14 CMND TSS ADD(MASTER) DSN(SYS9.)
KORDI01 02/14/14 10:32:31 XE14 CMND TSS PER(TEDMON) LIB(SYS9.UTY) DSN(PAY.MSTR) PRI(PAY60)
KORDI01 02/14/14 10:33:55 XE14 CMND TSS REM(MASTER) DSN(SYS9.)
KORDI01 02/14/14 10:34:55 XE14 CMND TSS REV(TEDMON) DSN(PAY.MSTR)
KORDI01 02/14/14 10:35:46 XE14 CMND TSS ADD(MASTER) DSN(SYS9.)
KORDI01 02/14/14 10:36:31 XE14 CMND TSS PER(TEDMON) DSN(PAY.MSTR) LIB('SYS9.UTY') PRI(PAY60)
ADMSCA1 02/14/14 12:32:24 XE14 CMNE TSS ADD(TEDMON) SUSPEND
ADMSCA1 02/14/14 12:32:24 XE14 CMNE TSS REM(M129MG) PROFILE(SYS01P)
KORDI01 02/14/14 07:57:49 XE14 PW   TSS REP(BOBBY01) PASSWORD(????????)

‑                                                ALL CHANGES WITHIN SCOPE LISTED
 
                                                     TSS COMMAND CHANGES = 00010
                                                        PASSWORD CHANGES = 00001
                                                         DYNAMIC UPDATES = 00000

The listing displays the following information:

CHANGER

Lists the ACID of the administrator who made the change.

DATE

Lists the date on which the change was made. (Date information appears in the form specified in the CA Top Secret DATE startup option.)

TIME

Lists the time at which the change was made.

SYSID

Lists the SMF identifier of the CPU on which the change was made.

TYPE

Indicates the type of change that occurred:

CMDE: Indicates that a TSS command was issued with a type 71 RACF ENF signal.
CMND: Indicates that a TSS command was issued.
PW: Indicates that a password change occurred.

COMMAND/IMAGE

Lists the TSS command—including comments—used to make the change or a simulated TSS command for PW, AVO, DUF. You can use comments on CA Top Secret administrative commands to strategically document the reason for security files changes.

A TSS command can contain UID(?) or GID(?), which instructs the product to automatically assign a USS UID or GID. In this situation, the following processing occurs:

Instead of including the ? value in the command that appears to the recovery file record, the product includes the assigned UID or GID value. For example, TSS ADD(JONATHAN) UID(256) appears in the record instead of TSS ADD(JONATHAN) UID(?).
If the original command contained a RANGE specification, the product removes the specification from the command that appears in the recovery file but writes a copy of the original command to the recovery file as a comment statement (for example, /*TSS ADD(Rachael) UID(?) RANGE(1000,5000) */).

Note: For complete information about using the UID and GID keywords in your TSS command syntax, see the CA Top Secret Command Reference Guide.

If the CHANGES control statement is specified, you must have READ access authority for the CA Top Secret recovery file. In addition, if you are not the MSCA, you must have the following administrative authority:

TSS ADMIN(auditor_acid) ACID(REPORT) RESOURCES(REPORT)