Rules Facility Guide › Security with the Rules Facility › CA VM:Secure Journal Facility and CP Journaling › Setting Up the Journal Facility

Setting Up the Journal Facility

To set up the Journal Facility

1. Edit the SECURITY CONFIG file:

   vmsecure config security
   

2. Place a JOURNAL record in the SECURITY CONFIG file. The format for the JOURNAL record is:

   JOURNAL warning maximum
   

   • warning—The number of consecutive invalid password attempts after which a warning message appears on the system operator’s console.
   • maximum—The number of invalid password attempts recorded for a user ID or device.

   After the maximum number of invalid password attempts is reached for either a user ID or a terminal address, the offending user ID or terminal address can no longer do any of the following:

   • Issue CA VM:Secure commands if the password violations were in response to a logon password prompt.
   • Define a minidisk link for any minidisks belonging to the user ID for which link passwords were violated.
   • Issue the AUTOLOG, LINK, LOGON, LOGON BY, XAUTOLOG, DIAL CP commands, use DIAGNOSE X’A0’ subcode 4 or DIAGNOSE X’88’ subcode 8 for password validation, or use the LOGONBY Facility, depending on which monitored condition went over the maximum. This option is valid only when the Rules Facility is implemented.
3. Establish CP journal settings for logon attempts appropriate for your system.

   Note: For information about these settings and setting limits for logon attempts using the JOURNAL record, see the Reference Guide.