What does IBM Security Guardium S-TAP for IMS on z/OS V10.1.3 do?

IBM Security Guardium S-TAP for IMS on z/OS (also referred to as IBM Security Guardium S-TAP for IMS) is an auditing tool that collects and correlates data access information from IMS Online regions, IMS batch jobs, IMS archived log data sets, and SMF records to produce a comprehensive view of business activity that occurs within one or more IMS environments.

IBM Security Guardium S-TAP for IMS assists auditors in determining who read or updated a particular IMS database and its associated data sets, what mechanism was used to perform that action, and when the access took place.

IBM Security Guardium S-TAP for IMS can collect and correlate many types of information, including the following:

Accesses to databases and segments from IMS Online regions.
Accesses to databases and segments from IMS DLI/DBB batch jobs.
Accesses to databases, image copies, IMS logs, and RECON data sets and security violations to these data sets as recorded by SMF.
IMS Online region START and STOP, database, DBR databases, and PSB change of state activity and user sign-on and sign-off as recorded in the IMS Archived Log data sets.

Restriction: IBM Security Guardium S-TAP for IMS supports auditing of Data Entry Databases (DEDBs) and IMS Full Function databases. Auditing of Main Storage Databases (MSDBs) is not supported.

Restriction: IBM Security Guardium S-TAP for IMS does not audit DBR commands if the IMS subsystem has Type-1 AOE exit DFSAOUE0 installed.