Auditing considerations on z/OS

The normal RACF® auditing controls are available for conducting a security audit of a queue manager. IBM® MQ does not gather any security statistics of its own. The only statistics are those that can be created by auditing.

RACF auditing can be based upon:
  • User IDs
  • Resource classes
  • Profiles

For more details, see the z/OS Security Server RACF Auditor's Guide.

Note: Auditing degrades performance; the more auditing you implement, the more performance is degraded. This is also a consideration for the use of the RACF WARNING option.