Hi, We are investigating a pbm with SMF type 80 records that appear to be too short. Only a few records a day appear to be too short.
It's not about WAS, but I found this paragraph in a WAS mlanual: Overview of SMF record type 80 <As WebSphere Application Server becomes more capable of authentication and setting or changing the identity on a thread, so arises the need for the ability to audit these changes. Along with this also comes the need to audit the accompanying authorization requests made through EJBRoles checking, intending to produce audit records that include the original authenticated identity. This auditing in WebSphere Application Server is managed not through WebSphere Application Server itself, but through its External Security Manager (RACF or equivalent), where the SMF records are cut.> http://publib.boulder.ibm.com/infocenter/wasinfo/v5r0/index.jsp?topic=/com.ibm.websphere.zseries.doc/info/zseries/ae/rtrb_SMFb1smf.html What would be meant by "cut" in the last sentence: <.... where the SMF recoirds are cut.> Do I have to interpret this in the literal sense of the word: cut off? Chopped? *** Cross-posted to the RACF-L list too. *** Jan Vanbrabant ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
