No CA Top Secret security violations are being logged to the console, when unauthorized access to a CA Top Secret protected resource is attempted.
CA Top Secret Control Option "LOG(NONE)" is specified globally or on the FACILITY level.
The LOG control option should be changed to meet your sites security requirements, policies and standards.
The LOG control option:
- Identifies the types of events that CA Top Secret logs
- Specifies whether the events are logged onto the ATF (Audit Tracking File) and/or onto the SMF files (System Management Facility)
- Specifies if the violation message is displayed
The LOG option affects all facilities. A Global LOG command can be overridden by a LOG operand entered as a suboption for a specific facility.
This control option has the following format:
LOG(ACTIVITY,ACCESS, SMF , SEC9 , INIT , MSG )|(NONE)|(ALL)
Deactivates all SMF and ATF logging, except for violations and audited events to the ATF.
If the user facility is in DORMANT mode, no logging takes place unless the resource permitted is specified with ACTION(FAIL).
Logs all activity for all facilities to the SMF. This is the same as specifying:
Events are written to the SMF file in addition to the ATF if applicable.
Logs all resource access, except for the following:
Routes violation summary messages to the security console via route code 9:
Logs all job/session initiations and terminations.
Violation messages are displayed for batch jobs, started tasks, or at the online user's terminal.
For users in FAIL mode, violation messages will always appear. Password violations also appear.
Selects all log options for all facilities.
The default is LOG(SMF,INIT, SEC9, MSG).
Please refer to the CA Top Secret Control Option Guide for more details about the LOG control option.