The following actions are logged:
- System access (connect, disconnect)
- JES spool access (submit, display, hold, release, cancel, purge)
- Data set access (read, write, create, delete, rename, compress,
migration, recall)
- File access (read, write, create, delete, rename)
- Execution of TSO and z/OS® UNIX commands
Each logged action is stored (with a date/timestamp) using the
CSV (Comma Separated Value) format, which can be read by an automation
or data analysis tool. For example:
yyyy/mm/dd hh:mm:ss.sss,userid,action,dataset_name[,returncode]
[,additional_information]]
Data set and member statistics are also logged when the
file is opened. They are appended to the line documenting completion
of the READ action, and the fields are delimited with
%n.
For example:
yyyy/mm/dd hh:mm:ss.sss,userid,action,dataset_name,returncode,create%nmodify%n…
The following attributes are logged, in the listed order: