RACHECK invocation - logging not performed

Document ID : KB000115663
Last Modified Date : 24/09/2018
Show Technical Document Details
Question:
RACHECK is issued for CLASS=DATASET or CLASS=ABSTRACT .
LOG option for RACHECK is not specified , thus defaults to ASIS) .
Audit file does not contain records for this invocations .
RDT CLASSes DATASET and ABSTRACT were not changed .

Why no Audit Tracking record is cut in such case?
Answer:
The requestor is allowed to access to ABSTRACT(CVUXPD), then the SECTRACE shows access is allowed.

In such case a record won't be cut in the ATF file, because access is allowed, there is no violation.
A record will be only cut if a violation occurs.

So, you need to add an AUDIT attribute to the acid or to add ACTION(AUDIT) on the permit or add the resource to be audited in the AUDIT record or use LOG(ACCESS) at FACILITY level to cut a record in the ATF file when access is succesful. If you revoke the permit ABSTRACT(CVUXPD) for the requestor, a violation will occur and a record will be cut in the ATF file.