TSSRPTST formats and reports SAF SECTRACE output written to the System Management Facility (SMF). SMF is the only SAF SECTRACE output destination where output is guaranteed because SMF is the only destination that can be written to in any mode.
TSS UTILITY LIBRARY ‑ TSSRPTST ‑ SAF TRACE REPORT PAGE 59
DATE 06/29/00 (94.180) TIME 14.09 TRACEID(SECOFF)
SMFID= VEGA TOD= 14:09:12.57 TRACEID= SCOFF USERID= USER01
JOBNAME= USER01 ASID= 001C / 002F PGM= IKJEFF04 CURR RB= SVC0
SFR/RFR= 0/0:0 MODE= TASK APF= AUT HORIZED LOCKS= NONE
RACROUTE REQUEST=AUTH,MSGSP=0,WORKA=,ATTR=READ,CLASS='DATASET',
DDNAME='SYS00014',DSTYPE=N,
ENTITY=('USER01,SPFTEMP0.CNTL',NONE),FILESEQ=0,
GENERIC=ASIS,LOG=ASIS,RACFIND=NO,RELEASE=1.8,STATUS=NONE,
TAPELBL=STD
The TSSRPTST report always produces entries formatted like the sample above.
The TSSRPTST report produces additional information in the entries when the DETAIL parameter is specified, as shown in the following sample.
TSS UTILITY LIBRARY ‑ TSSRPTST ‑ SAF TRACE REPORT PAGE 59
DATE 06/29/00 (94.180) TIME 14.09 TRACEID(SECOFF),DETAIL
SMFID= VEGA TOD= 14:09:23.35 TRACED= SECOFF USERID= USER01
JOBNAME= INIT ASID= 000F / 003C PGM= IEFIB600 CURR RB= IEFIB
SFR/RFR= 0/0:0 MODE= TASK APF= AUTH ORIZED LOCKS= NONE
RACROUTE REQUEST=VERIFY,MSGSP=0,WORK=,ACTINFO=,ENCRYPT=YES,
ENVIR=CREATE,JOBNAME='USER01A',LOG=ASIS,PASSCHK=YES,
PGMNAME='MYPROGRAM',RELEASE=1.8,SMC=YES,STAT=ASIS
ACTINFO DATA AREA FOLLOWS
00024485 +000 0105E2E2 C402E600 00000000 00000000 *..USER01........*
00024495 +010 00000000 00000000 00000000 00000000 *................*
000244A5 +020 00000000 00000000 00000000 00000000 *................*
000244B5 +030 00000000 00000000 00000000 00000000 *................*
000244C5 +040 00000000 00000000 00000000 00000000 *................*
Following the TSSRPTST output fields, the external data structures identified by the RACROUTE parameter list are displayed in both hexadecimal and EBCDIC formats.
The following fields appear on the TSSRPTST report.
Shows the SMF CPU identifier of the executing CPU.
Shows the time of day when the SAF request was issued.
Lists the SAF SECTRACE event identifier. The TRACEID is the ID set in the SAF SECTRACE command.
Shows the user ID active in the address space when the SAF event was traced.
Identifies the name of the job for which the SAF request was issued.
Indicates the home address space identifier in which the SAF request was issued and, if applicable, the primary address space identifier in which the code for the task is executed.
Shows the program that issued the SAF request. This field specifies the program name of the newest PRB on the active RB chain. If no PRB exists on the active RB chain when a monitored event occurs, the name used for the RB field is also used for PROGRAM.
Shows the program name associated with the current request block (RB) under which the call was made. This field specifies the program request block (PRB) name in which the security event must occur. When an event occurs directly under a PRB, the name of the program specified in that block is used to match what you specify in this field. If an event occurs under a supervisor call request block (SVRB), the RB name is assigned SVCnnn, where nnn is the decimal SVC number. If this RB is the only RB on the active RB chain under an SVRB, the interrupt code (SVC number) cannot be determined. Therefore, another RB name is assigned. If the program manager indicator is set, the assigned RB name is *PMSVRB*. If the indicator is not set, the RB name is *SYSTEM*. If the security event occurs under the control of a service request block (SRB), the assigned RB name is *SRB*.
Shows the SAF return code and the security system's return and reason codes (n:n) from the SAF event. These values are available only on TRACE=POST requests. See the IBM publication External Security Interface (RACROUTE) Macro Reference for MVS and VM for information about these return and reason codes.
Shows the operating mode of the address space. There are two different indicators for mode. MODE=TASK indicates that the SAF request was made from a task mode requester. MODE=SRB indicates that the request was made from a SAF mode requester.
Indicates whether the requestor was APF‑authorized.
Indicates the locks that were held in the address space at the time the SAF event was traced.
Shows the external data structures identified in the RACROUTE parameter list.
|
Copyright © 2014 CA Technologies.
All rights reserved.
|
|