We are running CICS TS 1.3 and also DB2. For auditing and investigation purposes we need to find out periodically...
By submitting your email address, you agree to receive emails regarding relevant topic offers from TechTarget and its partners. You can withdraw your consent at any time. Contact TechTarget at 275 Grove Street, Newton, MA.
who may have accessed specific information in DB2 from a CICS transaction. Is there an easy way to tie a specific transaction execution to the data requested from DB2? We have private data that a user may have access to but the information is confidential and we may get reports that they haven't held the information in confidence and we need to find out who may have accessed some very specific data in DB2.
It looks like to me you have a rather open access to DB2 data and you now want to start controlling it.
I'd recommend that you start applying Security to DB2 Tables so that you can actually restrict access rather than worrying about who-did-what after the event.
CICS does not supply any exits or other facilities to intercept data returned from DB2 so that you can log it for offline activity. The closest you can get to this is to look at the SMF data and see what tables are bring accessed - but that will not help you.
I think I'd turn on DB2 Auditing functions and then drive your analysis from that end. Details about this are in the Auditing section of the DB2 Administration book.
Related Q&A from Robert Crawford
I want to replicate DB2 from the mainframe to an AIX box since it's cheaper and the copy can be used for testing. Is this possible?continue reading
What's the impact on I/O when you run in a CPU-constrained mainframe environment?continue reading
I need to transfer one PS file's data from a mainframe to a Linux server. Are there any JCL scripts that can do this for me?continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.