You may need to know when certain sensitive Logonids are used for system access. The CA-ACF2 logonid record contains a field called ACC-DATE that contains the date of the last system access, but if you need a historical report of system access by these logonids, that field alone is not sufficient.
When you run an ACFRPTLL report with the UPDATE option you get a list containing all system accesses for a given period. The report uses SMF data that contains logonid changes. Each time a logonid is used for system entry, CA-ACF2 journals an SMF record containing the date and time when the logonid was used for system access. These SMF records are input to the ACFRPTLL report.
Please note that when the logonid is used to logon to a multi-user-address-space-system (MUSASS e.g. CICS or IMS), that has the NO-STATS option on its logonid, it will have only one SMF record created per day because this option is designed to eliminate multiple logonid updates that may occur several times a day.
The CA-ACF2 Reports and Utilities guide contains detailed information related to how to run the ACFRPTLL report.