Security Violations Report

The IBM® Sterling Connect:Direct® for z/OS® Security Violations Report lists the following types of violations for a specified time period:

Signon security failures—Failure caused by an invalid user ID or password that signed on to IBM Connect:Direct. Each violation is recorded.

Process security failures—This failure is caused when a Process does not run due to an invalid security authorization. An example is a Process that does not run because the user is not defined in the IBM Connect:Direct authorization file at the remote node.

Data set access security failures—Failure due to insufficient authority to access a data set.

A sample report follows:

1               IBM Connect:Direct Security Violations Report            2
           NODE = SC.DUB.MWATL1         13:35 Friday, February 25, 2011
                                          VIOLATION
     USERID      CC           MSG ID           DATE          TIME      TYPE
     MyCCente    00000008    RACF001I    02/25/2011    12:21:12.5     SIGNON
     MWATL1      00000008    RACF097I    02/25/2011    12:23:04.4     SIGNON

You can specify the start date and time and the stop date and time.

Included in these reports are security message IDs generated by any security subsystem used with IBM Connect:Direct. Security subsystems supported include:
  • IBM Resource Access Control Facility (RACF)
  • CA-ACF2 and CA-TOP SECRET by Computer Associates, Inc.

The following table contains a description of the report fields:

Report Field Description
NODE IBM Connect:Direct node where the statistics file is examined.
USERID IBM Connect:Direct user ID that created the security violation.
CC IBM Connect:Direct completion code in hexadecimal format.
MSG ID Security system message ID: IBM Connect:Direct, ACF2, RACF, or TOP SECRET.
DATE Date security violation occurred.
TIME Time security violation occurred.
VIOLATION TYPE Type of security violation. Valid types are SIGNON, PROCESS, and DATASET.