Violations, Logging, Reporting, and Auditing › Audit/Tracking File

Audit/Tracking File

By default, CA Top Secret logs all violations to SMF. The Audit/Tracking file is also available for logging violations and audited events. The Audit/Tracking file lets you:

• Eliminate SMF logging for violations and activity, which reduces SMF overhead.
• Configure so that logging to the Audit/Tracking file cannot be suppressed. This configuration eliminates a potential security exposure.
• Generate reports for up-to-the-minute information.
• Extract security events that are logged to produce reports using the TSSUTIL batch utility.

You can only use the TSSTRACK online tracking capability if you are logging to the Audit/Tracking file. You can use the TSSUTIL to routinely archive audit tracking information.

CA Top Secret allows the online, real-time display of selected security activity on TSO and CICS terminals with the TSSTRACK utility.

TSSAUDIT permits auditors to monitor changes to the security file and sensitive z/OS facilities and data areas.