On 2/7/2007 5:18 AM, [EMAIL PROTECTED] wrote:
> I have defined the dataset profile as AUDIT(FAILURES(UPDATE)). When
> will log the failure to SMF.
That specification will cause auditing only for attempts that need
UPDATE access or higher (failing attempts to change the data in the data
set, or (for example) to delete the data set).
Failing attempts to READ the data set would not cause auditing, nor
would any successful attempts to READ or UPDATE the data set.
Walt Farrell, CISSP
z/OS Security Design, IBM
----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html
