Tommy, Why don't you put AUDIT on the source file and see who touches it for READ?
IIRC, IND$FILE might be possible to track if you had a product like MXG or SOFTAUDT or MICS and the access was to the mainframe. Is there a specific way they are invoking IND$FILE? From a PC or from the mainframe? Lizette > >because our audit want to check the unauthorized user (outsource >programmer) download the source program from our shop. > >>> >> :>Is there any way that can keep track the usage of IND$FILE, if the user >> :>rename the IND$FILE to ther own location and call it with TN3270, how >> can we >> :>check this case. >> >> WHy do you want to do this? What is your business case? ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html