RACF profile usage not logged in SMF dataset
RACF profile usage not logged in SMF dataset
I am looking for the STGADMIN FACILITY profile usage for the past one month. So ran the IFASMFDP utility to unload the SMF logs for the past one month but unable to find the dataset which is accessed by the production batch jobs stored in the SMF logs. I am not sure where the problem lies (or) from where to start to fix this issue. Can someone assist me on this please?
-
Robert Sample
- Global moderator
- Posts: 3720
- Joined: Sat Dec 19, 2009 8:32 pm
- Skillset: Systems programming, SAS, COBOL, CICS, JCL, SMS, VSAM, etc.
- Referer: other forum
- Location: Dubuque, Iowa, USA
Re: RACF profile usage not logged in SMF dataset
SMF type 80 records store RACF data. AFAIK, as a general rule successful accesses are not logged in SMF nor anywhere else. Also, I don't think FACILITY usage is logged anywhere.
It is not clear what dataset you are looking for here.unable to find the dataset which is accessed by the production batch jobs
Re: RACF profile usage not logged in SMF dataset
Thanks for the reply Robert.
I am trying to limit access to STGADMIN. ** profile.
Currently there are way too much access to that profile.
Before limiting the access I would like to know if any production batch IDs require access. So I was looking into SMF logs for the profile usage.
In the logs, I can see that profile was accessed by some user accounts but not showing any batch IDs.
So we restricted the access only to storage people on test system but end up with access violation for the batch ID.
Before moving to production, need some clarification on this.
I am trying to limit access to STGADMIN. ** profile.
Currently there are way too much access to that profile.
Before limiting the access I would like to know if any production batch IDs require access. So I was looking into SMF logs for the profile usage.
In the logs, I can see that profile was accessed by some user accounts but not showing any batch IDs.
So we restricted the access only to storage people on test system but end up with access violation for the batch ID.
Before moving to production, need some clarification on this.
-
Robert Hansel
- Posts: 12
- Joined: Fri Sep 17, 2010 12:24 am
- Skillset: RACF Specialist
- Referer: Google Alerts
Re: RACF profile usage not logged in SMF dataset
Did you add AUDIT(ALL(READ)) to your STGADMIN profiles to log all access activity?
Alternatively, if you have IBM's zSecure Admin product and have implemented the Access Monitor component, you can use Access Monitor data to report on access activity.
Alternatively, if you have IBM's zSecure Admin product and have implemented the Access Monitor component, you can use Access Monitor data to report on access activity.
Regards, Bob
Robert S. Hansel
Lead RACF Specialist
RSH Consulting, Inc.
617-969-8211
www.linkedin.com/in/roberthansel
www.rshconsulting.com
Robert S. Hansel
Lead RACF Specialist
RSH Consulting, Inc.
617-969-8211
www.linkedin.com/in/roberthansel
www.rshconsulting.com
-
- Similar Topics
- Replies
- Views
- Last post
-
- 1
- 1983
-
by willy jensen
View the latest post
Mon Jul 15, 2024 8:42 pm
-
- 3
- 2579
-
by aarvalar1
View the latest post
Fri May 17, 2024 5:04 pm
-
- 7
- 3583
-
by celsofigueiredo
View the latest post
Thu Mar 18, 2021 11:03 pm
-
-
Converting universal groups to normal Racf group
by aarvalar1 » Thu May 23, 2024 10:15 pm » in Mainframe Security - 5
- 2775
-
by Robert Hansel
View the latest post
Wed Jul 24, 2024 5:12 pm
-
-
-
REXX call RACF service IRRSPK00 to generate Pass Tickets
by VladGoodman » Mon Feb 27, 2023 1:11 am » in CLIST & REXX - 4
- 2454
-
by Pedro
View the latest post
Fri Mar 17, 2023 11:40 pm
-