About TSSUTIL

TSSUTIL provides the CA Top Secret administrator with batch reports and with the ability to extract audit information recorded in the Audit/Tracking File. This information contains detailed security-related activity; the batch reports can be customized by choosing specific selection criteria.

The following considerations affect TSSUTIL:

TSSUTIL can report on an AUDIT file detached from any Security File by using the HISTORY parameter.
The Audit/Tracking File supports 256 byte resource names.
TSSUTIL accommodates resource names up to 256 bytes in length
Alternating between two Audit/Tracking files is now available. This allows you to backup one AUDIT file while working on another.
Reports are produced with events in chronological order as found in the Audit/Tracking File. No sorting is performed.
Reporting depends greatly upon the correct specification of logging options. The LOG option allows you to request the type of events to be logged; specify where logging information is recorded; and choose where violation notification is made.

The following logging options are required to obtain security information:

LOG(INIT,...)  requests logging of all job/session initiations
and terminations.

LOG(ACCESS,...) requests logging of all resource access.

Each facility can be separately monitored.

Violations are always logged by default.

All security events would need to be logged via the TSS LOG option in order to use the full range of options available with TSSUTIL. Selection, therefore, is limited to data available as a result of the TSS LOG option. Multiple and different reports may be generated using the same Audit/Tracking File input data and one use of TSSUTIL.