Data captured by CICS security discovery
Applies to 6.2 and later.
Security discovery data (SDD) is the information that is collected about unique CICS® resource accesses for every user while CICS security discovery is active.
Resource access requests are recorded when a SET SECDISCOVERY call is made that sets the associated resource class to DISCOVER.
Data captured by security discovery
The information that is recorded for each unique resource access contains:
- User ID
- A set of indicators that show:
  - The user ID was the task’s principal user ID
  - The user ID was the task’s session user ID
  - The user ID was the region user ID
  - The user ID was the default user
- The complete SECPRFX, resource class, and profile name
- The level of access that was requested
Data not captured by security discovery
Security discovery data does not contain any information that is related to the time or frequency of resource access.
The following resource accesses are not captured:
- Failed resource access requests
- Category 1 transactions and the resources within them
- Category 3 transactions and the resources within them
- Exempt internal programs
- Resources that were accessed from within the following Category 2 system management transactions:
  - CBAM
  - CCRL
  - CDBC, CDBF, CDBI, CDBQ, CDEA
  - CEDC, CEMN, CEMT, CEOT, CESD, CETR
  - CEDF and its variants CEDG, CEDX and CEDY
  - CIDP, CIND
  - CLDM, CLER
  - CMSG
  - COLM, CORM, COSH, COVC
  - CRTE
  - CSFE
  - CWGQ, CWTO, CWWU
  - DSNC
- TSQUEUE requests that did not match a TSMODEL or TST entry
- PassTicket generation controlled by XPTKT
- Non-CICS resources