On 2/7/2007 5:18 AM, [EMAIL PROTECTED] wrote: > I have defined the dataset profile as AUDIT(FAILURES(UPDATE)). When > will log the failure to SMF.
That specification will cause auditing only for attempts that need UPDATE access or higher (failing attempts to change the data in the data set, or (for example) to delete the data set). Failing attempts to READ the data set would not cause auditing, nor would any successful attempts to READ or UPDATE the data set. Walt Farrell, CISSP z/OS Security Design, IBM ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html