Is there a way within CA TPX to trace the origin of a logon attempt?

Document ID : KB000011216
Last Modified Date : 14/02/2018
Show Technical Document Details
Introduction:

ACF2 reports are showing logon attempts by invalid userids using TPX as the source.

Example ACF2 LOGINS:

14:44:51      08.086 03/26 15.25 SBSTM1 SBSTM1 P-TPX SZHTN131 * 4 LQZH       
              08.086 03/26 15.27 ROB ROB P-TPX V@@C0999 * 4 LQZH                           
Question:

Is there a way within TPX to trace the origin of the logon attempt?

Environment:
TPX 5.4
Answer:

You can use the Post-security call point of the TPXUSNSF Signon/Signoff exit to write a message containing the USERID and Terminal-ID to the TPX LOG, by using the LOGMSG macro.

  • It would capture the USERID and TERMID.
  • If you want the IP address, there is a variable (IPADDR) which contains that value. You would need to code a TPXVGET macro for this.
Additional Information:

TPX 5.4 Programming Guide - Signon and Signoff Exit