Overview
zSecure™ Audit for ACF2 provides ACF2 and z/OS monitoring, Systems Management Facility (SMF) reporting, z/OS integrity checking, change tracking, and library change detection.
This general design, with separate interactive and non-interactive components, has a number of practical advantages:
- It separates interactive interfaces from the application program. This separation gives you more flexibility in designing and using the interfaces and programs, especially when customizing ISPF.
- Any functions that can be run interactively can also be run in batch mode.
- An installation can create customized reports by using the CARLa command language and run these reports from the ISPF panels.
- zSecure Audit for ACF2 can be used remotely, in cases where a TSO connection is impossible or impractical; for example, in NJE networks.
zSecure Audit for ACF2 is command-driven by using the CARLa Auditing and Reporting Language (CARLa). The commands are explained in the IBM® Security zSecure CARLa Command Reference.
A typical user, using ISPF, does not need to be concerned with CARLa. The commands are generated automatically and sent to the application program. Except for the few comments here, this guide does not describe the CARLa command language, but concentrates on using the product interactively through ISPF.
The command language is generally used to generate customized reports and to use the product in batch mode. Because the standard reports are comprehensive, you might not ever need customized reports, but you can create them if necessary. Batch use is attractive as part of a security monitoring function. For example, you can use a scheduled batch job to automatically run monitoring checks and reports.
A comprehensive set of sample reports is available in a data set called the CARLa library. This library has a low-level qualifier of SCKRCARL and is often referred to with the default ddname CKRCARLA.