TSSAUDIT Utility › Sample Control Statements

Sample Control Statements

• All Security File changes made in the past five days by the ACID named PAYROLL are listed.

  //STEP1	    EXEC	PGM=TSSAUDIT
  //AUDITOUT	DD	SYSOUT=*
  //RECOVERY	DD	DSN=TOP.SECRET.RECOVERY,DISP=SHR
  //AUDITIN	DD	*
    CHANGES CA(PAYROLL) DATE(‑05)
  /*
  

• All Security File changes that included the string “CICS” are listed. Note that the CHANGES control statement is specified in the PARM field. Because no control statements are included in the AUDITIN data set, it is allocated as DUMMY.

  //STEP1	    EXEC	PGM=TSSAUDIT,
  //          PARM='CHANGES STRING(CICS)'
  //AUDITOUT	DD	SYSOUT=*
  //RECOVERY	DD	DSN=TOP.SECRET.RECOVERY,DISP=SHR
  //AUDITIN	DD	DUMMY
  

  Note that the recovery file is a wrap-around file and that historical data requested could have been overlaid. It is important to assure that your recovery file is sufficiently large, and your backup procedures are sufficiently robust, to assure that recovery data is never lost. It is the administrator's responsibility to assure that requested data for reporting is present on the RECOVERY file specified.

• Control statements are included in both the PARM field and the AUDITIN data set. The CHANGES control statement in the PARM field requests that all Security File changes made on the current date by the ACID named CORP are to be listed. The APF control statement in the AUDITIN data set requests that all modules in the data set identified by the DDNAME operand be searched for the string “ZAP”. All records found with that string are to be listed. The search is to include all control sections within each module.

  //STEP1	    EXEC	PGM=TSSAUDIT,
  //          PARM='CHANGES CA(CORP)'
  //AUDITOUT	DD	SYSOUT=*
  //RECOVERY	DD	DSN=TOP.SECRET.RECOVERY,DISP=SHR
  //LPALIB	DD	DSN=SYS1.LPALIB,DISP=SHR
  //AUDITIN	DD	*
    APF DDNAME(LPALIB) MEMBER(*) STRING(ZAP) DUMPALL
  /*
  

• The APF control statement requests that all modules in the data set identified by the DDNAME operand that have had zaps applied to them be listed.

  //STEP1	    EXEC	PGM=TSSAUDIT
  //AUDITOUT	DD	SYSOUT=*
  //LINKLIB	DD	DSN=SYS2.LINKLIB,DISP=SHR
  //AUDITIN	DD	*
    APF DDNAME(LINKLIB) ZAPPED
  /*
  

Error messages and abend codes for TSSAUDIT can be found in the CA Top Secret Messages and Codes.