Would this be an accurate statement:
The CA Top Secret application and maintained syslog file are the automated processes to capture events.
If not, what are the name of the files that are created by the CA application, i.e. the unix equivalent...
Thanks,
greenja9
Audit Capabilities
Previous topic • Next topic • 3 posts
• Page 1 of 1
Audit Capabilities
by greenja9 » Tue Jan 11, 2011 5:18 am
- greenja9
- Posts: 1
- Joined: Tue Jan 11, 2011 2:51 am
- Has thanked: 0 time
- Been thanked: 0 time
Re: Audit Capabilities
by Robert Sample » Tue Jan 11, 2011 5:55 am
Top Secret, like RACF and ACF2, is a security package that manages access to system resources. It may issue messags to the console log, but I'm not 100% sure what you mean by "managed syslog file". Depending upon what you mean by "event", either Top Secret or SMF (or both) will capture the "event" -- security access violaitons will be flagged by Top Secret, but in general system activity is logged by the SMF subsystem (including the security access violations). And where does Unix System Services come into this as your last sentence indicates? Which CA application is creating files? And, generally, part of the CA installation process is to customize data set names so only someone who works AT YOUR SITE (such asyour site security group) could possibly tell you what names are used for these data sets.
- Robert Sample
- Global moderator
- Posts: 3720
- Joined: Sat Dec 19, 2009 8:32 pm
- Location: Dubuque, Iowa, USA
- Has thanked: 1 time
- Been thanked: 279 times
Re: Audit Capabilities
by dick scherrer » Tue Jan 11, 2011 9:28 am
Hi Robert,
If my memory is still with me, i recall HP-UX (Hewlett-Packer Unix) logged login attempts/failures and placed a bit of tcp/ip info in the logged entry. Our systems also ran several "packet sniffers" to look for people tryhing to "sneak in". Due to the nature of the systems, we checked these logs rather regularly.
I've used console log (also called the system log many places) but i'm not familiar with the term "maintained syslog file".
Maybe we'll get some clarification. . .
I suspect this is a reference to "real" unix instead of the mainframe system services. . .And where does Unix System Services come into this as your last sentence indicates?
If my memory is still with me, i recall HP-UX (Hewlett-Packer Unix) logged login attempts/failures and placed a bit of tcp/ip info in the logged entry. Our systems also ran several "packet sniffers" to look for people tryhing to "sneak in". Due to the nature of the systems, we checked these logs rather regularly.
I'd vote that this is not an accurate statement - largely because the question is quite confusing. As far as i know TSS is NOT an automated process to "capture events" - it is to restrict/grant access to "things".Would this be an accurate statement:
The CA Top Secret application and maintained syslog file are the automated processes to capture events.
I've used console log (also called the system log many places) but i'm not familiar with the term "maintained syslog file".
Maybe we'll get some clarification. . .
Hope this helps,
d.sch.
d.sch.
-
dick scherrer - Global moderator
- Posts: 6268
- Joined: Sat Jun 09, 2007 8:58 am
- Has thanked: 3 times
- Been thanked: 93 times
Previous topic • Next topic • 3 posts
• Page 1 of 1
-
- Related topics
- Replies
- Views
- Last post
-
- How to extract an Specific zSecure Audit Report!
1, 2by danielgp89 » Fri Mar 29, 2019 11:46 pm - 11 Replies
- 5854 Views
- Last post by danielgp89
Tue Apr 30, 2019 6:12 am
- How to extract an Specific zSecure Audit Report!