IBM Mainframe Forum

Hi,

I wanted to know if it is possible to get a system-generated list of changes made to an LPAR. At the PTF level, or whichever level feasible(Tool/Product level would not suffice as that is easy to track w.r.t approvals and other things, and besides, no tool/product was installed during the period. This is a requirement for audit. What do you guys usually send for such a request. The topic's title is their exact requirement. Please let me know if you need any other information in this regard. Thank you very much for your help.


Thanks
v1gnesh

Make sure you have plenty of spool space as this will generate a LOT of lines of output (something like 8 to 10 lines per PTF per zone). Run SMP/E and use

Thank you Robert. Can I limit the output based on a specific period? I am told that I would be required to provide approval for applying any randomly chosen PTF(s) from the list I provide. That would be really difficult if I list out every PTF. Are there any other alternatives.


Thanks
v1gnesh

What exactly are you talking about? System changes is rather vague. Are you talking about changes to z/OS, changes to RACF, changes to ..... These changes (PTFs) come from IBM and who is going to determine if they should be applied? Who really has enough knowledge about this to make those decisions? What is the purpose of all this?

Changes to z/OS primarily. My team provides support at the OS, storage and security level. Purpose, as stated in the first post, is for audit.

If you are sure that the SMP environment is set up to write the log to a Dataset and none of the users bypass this (a big if) you can use the command
list log(mm dd yy, mm dd yy)

What do you guys usually send for such a request. The topic's title is their exact requirement. Please let me know if you need any other information in this regard. Thank you very much for your help.

Your question is just murky and the auditor request badly formulated
unless they are completely morons the AUDITORS should know how to ask better

I would just give them the output of a

repeated for each target zone of Your installation
and let them deal with the about 80000 lines of output ( that' s for the zOS target zone only )
after a while they will learn how to ask

the usual request is to look for USER modifications and settings
( for example the names and content of authorized libraries )
so ... You will have to provide a list of the MODIFICATIONS/CUSTOMIZATIONS made by Your support/installation team

and usually the APARS and PTFS provided by software support are not object of auditing

unless BTSTGTTS once upon a time a stupid auditor resented HASJES20 PPT properties pretending them to be taken away ...
and we were pretty glad to oblige ( in the MVS sandbox naturally )

asking such questios on a forum will not provide usually any reasonable reply,
each responder might have had different experiences
wiser to clarify the whole thing with the people who made the request

Your question is just murky and the auditor request badly formulated
unless they are completely morons the AUDITORS should know how to ask better

Believe it or not, last time i gave the output of

and the output went way beyond 8000 lines. Still didn't bother them. So i wanted to send something less, and a little bit more accurate this time. They chose a random PTF from that output that went beyond 80MB and asked for change request/approval for the same. :/

asking such questios on a forum will not provide usually any reasonable reply,
each responder might have had different experiences
wiser to clarify the whole thing with the people who made the request

i understand. which is why i'm not looking for anything specific. wanted to know how everyone else deals with this: if they face such vague requests too, that is.

Thanks for your reply!

the number of lines was not 8000... it was about 80000 just for the NOSUP
for a plain LIST SYSMOD ( all inclusive ) was about 150000

They chose a random PTF from that output that went beyond 80MB and asked for change request/approval for the same.

I wonder about the effectiveness of such AUDITING ( apart filling the <proper> amount of useless papers )
( and if some obscure prereq for a HYPER ptf is missing the paper trail somebody will certainly get into trouble )

it' s just like ISO certification ...
if the some <procedure> manual had ..
question: what do <You> do if the <house> takes fire
answer: nothing
that <procedure> would pass ISO certification
the event was described, the action was clearly documented and approved AMEN
I am just pulling people' s legs but from a strict ISO logic that holds
the same with audit, if there is a paper trail than it is OK

LOL. I'm not sure how it went last time( i'm new to this place ). But apparently a CR# for z/OS version upgrade was provided.
Also, would this work out well? I can very well contain the result. Still there would be a lot of unnecessary data. Perhaps a 'list log' with the target zones as input? Would that be possible?

nevilh wrote:If you are sure that the SMP environment is set up to write the log to a Dataset and none of the users bypass this (a big if) you can use the command
list log(mm dd yy, mm dd yy)