Hi.
Someone know about the way to logger the any Tso user activity in
centralized way ( like SMF ) ?.
The auditors are asking me this functionality for emergency users TSO.
Thanks.
Alvaro.
--
For IBM-MAIN subscribe /
-snip--
Someone know about the way to logger the any Tso user activity in
centralized way ( like SMF ) ?.
The auditors are asking me this functionality for emergency users TSO.
unsnip--
IIRC, you can still
Someone know about the way to logger the any Tso user activity in centralized
way ( like SMF ) ?.
Log what?
Sign ons?
Dataset activity?
Commands?
Specifics would help!
When in doubt.
PANIC!!
--
For IBM-MAIN subscribe /
IIRC, you can still get a audit trail of what TSO commands a user invokes,
but not under ISPF.
TSOMON ($$) will track even under ISPF.
Sooner or later, even auditors have to realize that certain people must be
trusted to do their jobs correctly.
It's not the auditors.
It's a compliance
@BAMA.UA.EDU
Asunto: Re: TSO user activity logger
Someone know about the way to logger the any Tso user activity in
centralized way ( like SMF ) ?.
Log what?
Sign ons?
Dataset activity?
Commands?
Specifics would help!
When in doubt.
PANIC
--snip-
It's not the auditors.
It's a compliance issue; the auditor does/should not determine what to track.
Rather, they require reporting on what is required to monitor compliance.
It's a true separation of duty (generic terminology):
1. Standards
-Original Message-
From: IBM Mainframe Discussion List On Behalf Of Rick Fochtman
--snip-
It's not the auditors.
It's a compliance issue; the auditor does/should not determine what
to track.
Rather, they require reporting on what is
On Tue, 14 Nov 2006 13:23:26 -0600 Chase, John [EMAIL PROTECTED] wrote:
:IMO, for *anybody* (let alone an auditor) to have deliberately
:demonstrated a newly-discovered hole in that manner on a system such
:as yours should have resulted in a criminal indictment of that person.
Subject to the
Just turn on the AUDIT attribute for those users, I believe RACF will then
record everything they do (that is everything which invokes RACF such as
OPEN, CICS checking for access to transactions, etc.)
Tim Hare
Senior Systems Programmer
Florida Department of Transportation
(850) 414-4209
---snip-
Subject to the definition of run pampant. I presume it wasn't destructive.
-unsnip
At that time, we used the presence or absence of certain datasets to
determine whether the
In a message dated 11/14/2006 4:19:18 P.M. Central Standard Time,
[EMAIL PROTECTED] writes:
He deleted several of those
datasets, since they had no DSORG or open date. Need I say more?
Duh? Sounds like a good candidate for AUDITing at dataset level.
---snip-
In a message dated 11/14/2006 4:19:18 P.M. Central Standard Time,
[EMAIL PROTECTED] writes:
He deleted several of those
datasets, since they had no DSORG or open date. Need I say more?
Duh? Sounds like a good candidate for
In a message dated 11/14/2006 6:05:50 P.M. Central Standard Time,
[EMAIL PROTECTED] writes:
un-involved co-worker. Cost me a very expensive dinner for him, his
wife, and their six kids. Worth every blankety-blank penny of the $350
it set me back! G
that's a lot of foot-long chili
13 matches
Mail list logo