Q
Problem solve Get help with specific problems with your technologies, process and projects.

Creating a distinct journal/logger stream

In CICS Transaction Server Version 2.2 is there an option to allow for the addition of the 8-byte RACF identifier...

to the format of general log journal record?

Most of the access to our CICS TOR is via a TCP/IP stack on the mainframe and it uses a pool of approximately 8,000 NETNAMES to grant access to VTAM. When access is attempted to our TOR, the auto-install program verifies that the NETNAME should be allowed access by reading a VSAM file. If a record is found, a TERM ID assigned to that NETNAME is then installed.

Because of audit concerns the owners of sensitive data stored in VSAM files have asked us to journal reads to these files in CICS as well as updates. When they suspect that inappropriate access to the data has happened, they currently have to use a combination of the CICS journal records, RACF successes report and a copy of the auto-install file to identify possible offenders. If the CICS journal record contained the RACF ID then they would have all of the information by simply accessing the journal backups.


I think for your case you should look into creating a distinct journal/logger stream just to record these accesses. You could stick in there the access to the first lookup/verification file to obtain the Termid authorization and at the end of the session record a gone away status.

Access to the various secret VSAM files would also be recorded in this journal/stream, recording the FileName, Key, Termid and Userid as required.

I would use the file control XFCFROUT GLUE to monitor VSAM requests, and then use the DFHJCJCX WRITE_JOURNAL_DATA XPI command to write the required information.

Robert Harris
Inventor
CICS Technical Strategist -- CICS expert at Search390.com

Editor's note: Do you agree with this expert's response? If you have more to share, post it in one of our .VO7aaqqaAFk.0@/search390>discussion forums.


This was last published in August 2003

Dig Deeper on IBM system z and mainframe systems

PRO+

Content

Find more PRO+ content and other member only offers, here.

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

Start the conversation

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.

-ADS BY GOOGLE

SearchWindowsServer

SearchServerVirtualization

SearchCloudComputing

Close