VMXSRA Report Program

Reference Guide › Utility Reference › VMXSRA Report Program

VMXSRA Report Program

The VMXSRA report program is available only with the Rules Facility. Use the VMXSRA report program to generate a report of the audit data captured when certain CP commands are issued.

VMXSRA [fn ft fm [ofn oft ofm]] [(“Options”]


Options:

[AUDINV]
[NORULE]
[PRINT]
[REJECTS]
[UPCASE]
[USEREXIT exitfn [TEXT | EXEC]]

Definitions

fn ft fm: Specifies the file that contains the audit data. This data is collected by the AUDITEXT command, so this file should be the same name as the one you specified on the AUDITEXT command. The default is AUDIT EXTRACT A0.
ofn oft ofm: Specifies the file to which to write the audit report. The default is REPORTA LISTING A0.
AUDINV: Includes in the report invalid passwords found on the audit records. These passwords are present only if CA VM:Secure was initialized with the AUDINV startup parameter.
NORULE: Includes in the report only commands for which there is no governing rule.
PRINT: Sends the report to the virtual printer instead of your A–disk.
REJECTS: Includes in the report only rejected commands.
UPCASE: Produces the report in uppercase.
USEREXIT exitfn [TEXT | EXEC]: Specifies the filename and filetype of the SECURITY REPORTS user exit. EXEC2, REXX, and assembler language are supported. The prototype SECURITY REPORTS exit is VMXEXITD. The filetype can be TEXT or EXEC; the default is TEXT.

Description

When the Rules Facility is installed, the VMXSRA report program generates a formatted report of the audit data captured by the AUDITEXT command. It includes information about each time the CP commands AUTOLOG, DIAL, LINK, LOGON, LOGONBY, SPOOL, STORE HOST, TAG, TRANSFER, and XAUTOLOG were issued, if that information was captured in the output of the AUDITEXT command.

The report contains one record for each issuance of each of these commands. For each record, the report includes the following:

Date and time the command was issued (report is sorted by date and time for each command)
Terminal address from which the command was issued. For more information about terminal addresses, see Terminal Addresses.
User ID that issued the command (for the LOGON command, the user ID that issued the command is a concatenation of LOGON and the hexadecimal terminal address)
User ID that is the object of the command issued
Minidisk address and link mode if the command was LINK
Reason the command was rejected, or blank if the command was accepted:

Reason command was accepted or rejected	Status	Meaning
JOURNAL	Rejection	Journal limit was exceeded
NORULE	Rejection or acceptance	A NORULE record in the SECURITY CONFIG file controls the use of the command
PASSWORD	Rejection	Invalid password
RULE	Rejection or acceptance	Request was rejected or accepted

The SECURITY REPORTS User Exit allows you to exclude records from the report. If you use the SECURITY REPORTS user exit, the user exit file must reside on a minidisk accessed by the user ID issuing VMXSRA.

Write the SECURITY REPORTS user exit in assembler language for faster execution.