Previous topic |
Next topic |
Contents |
Contact z/OS |
Library |
PDF
Logging z/OS Security Server RACF Auditor's Guide SA23-2290-00 |
|
Logging, the recording of data about specific events, is the key to auditing the use of RACF® at your installation. You must ensure that RACF logs the information you need. RACF uses the system management facilities (SMF) to log data about various RACF events. RACF writes SMF records to an SMF data set or log stream. Things to Consider
RACF always logs information
about certain events because knowing about these events is essential
to an effective data-security mechanism. The events that RACF always logs are:
For more details about z/OS UNIX System Services events for which audit records are always written, see z/OS UNIX System Services Planning. RACF never logs some events, because knowing about these events is not essential to effective data security. RACF never logs any use of the following RACF commands: LISTDSD, LISTGRP, LISTUSER, RLIST, and SEARCH. In addition, RACF can optionally log other events. Optional logging is under the control of either a resource-profile owner or the auditor. |
Copyright IBM Corporation 1990, 2014
|