CA VM:Secure records audit information for most commands and directory changes. When your site is using the Rules Facility, logons requested through the LOGONBY Facility, and the CP commands AUTOLOG, COUPLE, LOGON, LOGON BY, LINK, TAG, SPOOL, TRANSFER, XAUTOLOG, and STORE HOST are audited. Password verification done through CP DIAGNOSE X’A0’ subfunction X’04’ or CP DIAGNOSE X’88’ subfunction X’08’ is also audited. CA VM:Secure writes audit records to the VMSECURE AUDIT file on the AUDT minidisk each time a user issues an audited command. The AUDIT user exit is called for each record. You can use it to select which audit records you want to be written to the AUDT minidisk.
As the AUDT minidisk fills, use the AUDITEXT command to move the audit records to your minidisk or directory accessed at filemode A, and reinitialize the AUDT minidisk. You can then use the information in the audit records as input to the VMXSRA and VMXSRB report programs. VMXSRA generates a report showing usage of all audited CP commands; VMXSRB generates a report of all audited system actions. To exclude certain types of audit records from the reports, you can use the SECURITY REPORTS user exit.
|
Copyright © 2014 CA.
All rights reserved.
|
|