No CA Top Secret Security Violations Message Are Being Logged

Document ID : KB000054499
Last Modified Date : 14/02/2018
Show Technical Document Details

Description

No CA Top Secret security violations are being logged to the console, when unauthorized access to a CA Top Secret protected resource is attempted.

Solution

CA Top Secret Control Option "LOG(NONE)" is specified globally or on the FACILITY level.

The LOG control option should be changed to meet your sites security requirements, policies and standards.

The LOG control option:

  • Identifies the types of events that CA Top Secret logs

  • Specifies whether the events are logged onto the ATF (Audit Tracking File) and/or onto the SMF files (System Management Facility)

  • Specifies if the violation message is displayed

The LOG option affects all facilities. A Global LOG command can be overridden by a LOG operand entered as a suboption for a specific facility.

This control option has the following format:

    LOG(ACTIVITY,ACCESS, SMF , SEC9 , INIT , MSG )|(NONE)|(ALL) 

NONE

Deactivates all SMF and ATF logging, except for violations and audited events to the ATF.

If the user facility is in DORMANT mode, no logging takes place unless the resource permitted is specified with ACTION(FAIL).

ACTIVITY

Logs all activity for all facilities to the SMF. This is the same as specifying:

     LOG(ACCESS,INIT) 

SMF

Events are written to the SMF file in addition to the ATF if applicable.

ACCESS

Logs all resource access, except for the following:

  • DBD

  • FCT

  • JCT

  • LCF

  • OTRAN

  • PPT

  • PROGRAM

  • PSB

SEC9

Routes violation summary messages to the security console via route code 9:

  • TSS7100E

  • TSS7220E

  • TSS7200E

  • TSS7250E

INIT

Logs all job/session initiations and terminations.

MSG

Violation messages are displayed for batch jobs, started tasks, or at the online user's terminal.

For users in FAIL mode, violation messages will always appear. Password violations also appear.

ALL

Selects all log options for all facilities.

The default is LOG(SMF,INIT, SEC9, MSG).

Please refer to the CA Top Secret Control Option Guide for more details about the LOG control option.