PKCS #11 functions are audited in the following ways:
- The SMF type 82 subtype 1 record that is written during ICSF initialization
contains the data set name of the token data set (TKDS).
- The SMF type 82 subtype 21 record that is written when a member
joins or leaves a sysplex group contains the cryptographic keys data
set (CKDS) data set name if the member joined or left the ICSF CKDS
sysplex group, or the TKDS data set name if the member joined or left
the ICSF TKDS sysplex group.
- ICSF writes SMF type 82 subtype 23 records whenever a TKDS record
for a token or token object is created, modified, or deleted. ICSF
does not write SMF records for changes to session objects.
For descriptions of the SMF records that ICSF writes, see z/OS MVS System Management Facilities (SMF).