Checking CICS configuration with IBM Health Checker for z/OS
IBM® Health Checker for z/OS® is a z/OS component that helps simplify and automate the identification of potential configuration problems before they impact availability or cause outages. CICS® TS supports health checker rules that define best practices for CICS system configuration.
Before you begin
- For z/OS V2.1: UA91584
- For z/OS V2.2: UA91583
About this task
Each CICS region runs the CICS system transaction CHCK every 30 minutes to check and report on compliance to the best practices.
The CICS health checker rules run every 30 minutes in the IBM Health Checker for z/OS address space, and IBM Health Checker for z/OS reports on all CICS regions that have been running within the previous 30 minutes. If any regions on an LPAR are identified as non-compliant with any of the best practices, IBM Health Checker for z/OS issues warning messages containing details of the non-compliant regions for you to take corrective actions.
To review the details of the Health Check output use the TSO SDSF CK command. For more information, see Health Check panel (CK).
For details about IBM Health Checker for z/OS, see IBM Health Checker for z/OS User's Guide.
CICS TS supports the following health checker rules:
- Security rules
- These rules define best practices for CICS TS security:
- CICS_CEDA_ACCESS
- Checks whether CEDA is accessible to unauthenticated users, which might compromise the security of the LPAR.
- CICS_JOBSUB_SPOOL
- Checks whether the system spool, if enabled, is accessible to unauthenticated users, which might compromise the security of the LPAR.
- CICS_JOBSUB_TDQINTRDR
- Checks whether any transient data queue that writes to the internal reader is accessible to unauthenticated users, which might compromise the security of the LPAR.