Security domain: Global statistics
You can retrieve the security domain statistics by using the EXEC CICS EXTRACT STATISTICS SECURITY command.
| DFHSTUP name | Field name | Description |
|---|---|---|
| New ACEEs with ICRX | XSG_ACEE_ICRX_NEW | The number of security requests that resulted in new ACEEs with
ICRX. Reset characteristic: reset to zero |
| New ACEEs without ICRX | XSG_ACEE_NOICRX_NEW | The number of security requests that resulted in new ACEEs
without ICRX. Reset characteristic: reset to zero |
| Current ACEEs with ICRX | XSG_ACEE_ICRX_CUR | The current number of ACEEs with ICRX. Reset characteristic: not reset |
| Peak ACEEs with ICRX | XSG_ACEE_ICRX_PEAK | The peak number of ACEEs with ICRX. Reset characteristic: reset to current |
| Current ACEEs without ICRX | XSG_ACEE_NOICRX_CUR | The current number of ACEEs without ICRX. Reset characteristic: not reset |
| Peak ACEEs without ICRX | XSG_ACEE_NOICRX_PEAK | The peak number of ACEEs without ICRX. Reset characteristic: reset to current |
| Successful fastpath authentications | XSG_AUTHEN_FAST_PASS | The number of successful password, passphrase, PassTicket, or
MFA authentication requests for which CICS® used the fastpath
method of verification. Reset characteristic: reset to zero |
| Successful fullpath authentications | XSG_AUTHEN_FULL_PASS | The number of successful password, passphrase, PassTicket, or
MFA authentication requests for which CICS enforced a full
verification (the fullpath method). Reset characteristic: reset to zero |
| Failed fullpath authentications | XSG_AUTHEN_FULL_FAIL | The number of password, passphrase, PassTicket, or MFA
authentication requests that failed the full verification. Reset characteristic: reset to zero |
| Successful Kerberos authentications | XSG_AUTHEN_KERB_PASS | The number of Kerberos authentication requests that were
successful. Reset characteristic: reset to zero |
| Failed Kerberos authentications | XSG_AUTHEN_KERB_FAIL | The number of Kerberos authentication requests that
failed. Reset characteristic: reset to zero |
| Successful JWT creations | XSG_AUTHEN_JWTC_PASS | The number of JWT creation requests that were
successful. Reset characteristic: reset to zero |
| Failed JWT creations | XSG_AUTHEN_JWTC_FAIL | The number of JWT creation requests that
failed. Reset characteristic: reset to zero |
| Successful JWT authentications | XSG_AUTHEN_JWT_PASS | The number of JWT authentication requests that were
successful. Reset characteristic: reset to zero |
| Failed JWT authentications | XSG_AUTHEN_JWT_FAIL | The number of JWT authentication requests that
failed. Reset characteristic: reset to zero |
| Successful resource authorizations | XSG_AUTHOR_RES_PASS | The number of resource authorization requests that were
successful. Reset characteristic: reset to zero |
| Failed resource authorizations | XSG_AUTHOR_RES_FAIL | The number of resource authorization requests that
failed. Reset characteristic: reset to zero |
| Successful command authorizations | XSG_AUTHOR_COMD_PASS | The number of command authorization requests that were
successful. Reset characteristic: reset to zero |
| Failed command authorizations | XSG_AUTHOR_COMD_FAIL | The number of command authorization requests that
failed. Reset characteristic: reset to zero |
| Successful surrogate authorizations | XSG_AUTHOR_SUR_PASS | The number of surrogate authorization requests that were
successful. Reset characteristic: reset to zero |
| Failed surrogate authorizations | XSG_AUTHOR_SUR_FAIL | The number of surrogate authorization requests that
failed. Reset characteristic: reset to zero |
| Successful non-CICS authorizations | XSG_AUTHOR_NON_CICS_PASS | The number of successful requests that are made by customer
applications using the QUERY SECURITY API with RESCLASS, and
requests that are made by CICS to non-CICS classes such as the FACILITY class. Reset characteristic: reset to zero |
| Failed non-CICS authorizations | XSG_AUTHOR_NON_CICS_FAIL | The number of failed requests that are made by customer
applications using the QUERY SECURITY API with RESCLASS, and
requests that are made by CICS to non-CICS classes such as the FACILITY class. Reset characteristic: reset to zero |
| 6.2 and later Failed authorizations NOLOG NOTAUTH | XSG_AUTHOR_FAIL_NL_NA | The number of QUERY SECURITY
LOGMESSAGE(NOLOG) requests that succeeded but returned no authority on READ, UPDATE,
CONTROL or ALTER. Reset characteristic: reset to zero |
| 6.2 and later Failed authorizations NOLOG NOTFND | XSG_AUTHOR_FAIL_NL_NF | The number of QUERY SECURITY
LOGMESSAGE(NOLOG) requests that failed with response code 13 NOTFND and
reason code 5 or 8.Reset characteristic: reset to zero |
| Maximum parallel ESM requests | XSG_ESM_REQUESTS_MAX | The maximum number of ESM authentication requests that are
allowed to run in parallel. Reset characteristic: not reset |
| Current parallel ESM requests | XSG_ESM_REQUESTS_CUR | The current number of ESM authentication requests that are
running in parallel. Reset characteristic: not reset |
| Peak parallel ESM requests | XSG_ESM_REQUESTS_PEAK | The peak number of ESM authentication requests that were
running in parallel. Reset characteristic: reset to current |
| Maximum waiting ESM requests | XSG_ESM_WAITERS_MAX | The maximum number of ESM authentication requests that are
allowed to wait to run. 9999 means no limit. Reset characteristic: not reset |
| Current waiting ESM requests | XSG_ESM_WAITERS_CUR | The current number of ESM authentication requests that are
waiting to run. Reset characteristic: not reset |
| Peak waiting ESM requests | XSG_ESM_WAITERS_PEAK | The peak number of ESM authentication requests that were
waiting to run. Reset characteristic: reset to current |