z/OS commands

By default, Take Action commands that are issued by OMEGAMON for Db2® Performance Expert through the Tivoli Enterprise Portal are issued as z/OS system commands.

In IBM® Tivoli® Monitoring Version 6.3.0, you can enable SAF and RACF® authorization of Take Action commands and authorize the use of Take Action commands by selected portal server users (Tivoli Enterprise Portal user ID). You can restrict others from issuing Take Action commands.

You can secure Tivoli Enterprise Portal user IDs or the RACF groups that the user IDs are in by using standard security objects that are provided by the security product at your site. For more information, see:
OMEGAMON shared documentation, Version 6.3.0 Fix Pack 2 and above: Configuring Take Action command access using SAF profiles
https://www.ibm.com/docs/en/om-shared?topic=csmsz-configuring-take-action-command-access-using-saf-profiles
OMEGAMON shared documentation, Version 6.3.0 Fix Pack 2 and above: Enable RACF authorization of Take Action commands
https://www.ibm.com/docs/en/om-shared?topic=zos-enable-racf-authorization-take-action-commands

With IBM Tivoli Monitoring Version 6.3.0, Tivoli Management Services provides an auditing function that captures information about significant events that occur in your IBM Tivoli Monitoring environment, including those events that allow or disallow the execution of Take Action commands. On a z/OS system, the auditing facility creates and stores information in Systems Management Facility (SMF) format records. For more information, see:

OMEGAMON shared documentation, Version 6.3.0 Fix Pack 2 and above: Configuring Take Action command access using SAF profiles
https://www.ibm.com/docs/en/om-shared?topic=csmsz-configuring-take-action-command-access-using-saf-profiles
IBM Tivoli Monitoring: Tivoli Enterprise Portal User's Guide
https://www.ibm.com/docs/en/tivoli-monitoring/6.3.0?topic=guides-tivoli-enterprise-portal-users-guide

Although the preferred configuration method is to use the RACF authorization and SMF auditing facilities to issue Take Action commands, you can also configure a monitoring server or monitoring agent address space to redirect Take Action commands to NetView® through the Program to Program Interface (PPI). For more information about configuring Tivoli NetView for z/OS authorization of z/OS commands, see:

OMEGAMON shared documentation, Version 6.3.0 Fix Pack 2 and above: Enable NetView to authorize Take Action commands
https://www.ibm.com/docs/en/om-shared?topic=commands-enable-netview-authorize-take-action