ACF2 reports are showing logon attempts by invalid userids using TPX as the source.
Example ACF2 LOGINS:
14:44:51 08.086 03/26 15.25 SBSTM1 SBSTM1 P-TPX SZHTN131 * 4 LQZH
08.086 03/26 15.27 ROB ROB P-TPX V@@C0999 * 4 LQZH
Is there a way within TPX to trace the origin of the logon attempt?
You can use the Post-security call point of the TPXUSNSF Signon/Signoff exit to write a message containing the USERID and Terminal-ID to the TPX LOG, by using the LOGMSG macro.
TPX 5.4 Programming Guide - Signon and Signoff Exit
Was this information helpful?