How to extract an Specific zSecure Audit Report!

All about SAF, RACF, encryption, Firewall, Risk assessment and integrity concepts

Re: How to extract an Specific zSecure Audit Report!

Postby Blackthorn » Tue Apr 23, 2019 1:25 pm

As in the previous example, I think you need to come at this from the angle of "which users have access to every resource" as opposed to "what access does every user have". So, the previous example gives you that at a group level, you just need that expanded out to individual users? In which case, just add the EXPLODE operand to the ACL parameter. And you may also want to include the UACC in the report output so you know that every user will have access. So, just change the last line to this -

sortlist key acl(explode) uacc

Obviously it's going to be a massive report. We only have 10k users, and that ran to 17m lines, although it will probably depend more on the number of profiles than the number of users. And that was just for DATASET profiles. And then you need to think about who has access via OPERATIONS or anything else....

These users thanked the author Blackthorn for the post:
danielgp89 (Tue Apr 30, 2019 6:10 am)
Posts: 130
Joined: Tue Feb 01, 2011 7:12 pm
Has thanked: 1 time
Been thanked: 9 times

Re: How to extract an Specific zSecure Audit Report!

Postby danielgp89 » Tue Apr 30, 2019 6:12 am

Many Thanks @Blackthorn! That's exactly what I was looking for.
Posts: 18
Joined: Fri Feb 15, 2019 5:41 am
Has thanked: 8 times
Been thanked: 0 time


Return to Mainframe Security


  • Related topics
    Last post