I've decided, for a "new" function that I'm contemplating writing, to make access to be based on RACF access to a profile in the FACILITY class. And make a new RACF group (I'm the main RACF person, too) which I'll call SYSLOGG, make it the only ID with READ to this profile. And CONNECT any user to be authorized to look a SYSLOG to be the SYSLOGG group. But I'm still in the design phase on this. And whether it is even needed. Well, I know that, at least around here, it is not needed.
-- John McKown Systems Engineer IV IT Administrative Services Group HealthMarkets(r) 9151 Boulevard 26 * N. Richland Hills * TX 76010 (817) 255-3225 phone * [email protected] * www.HealthMarkets.com Confidentiality Notice: This e-mail message may contain confidential or proprietary information. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message. HealthMarkets(r) is the brand name for products underwritten and issued by the insurance subsidiaries of HealthMarkets, Inc. -The Chesapeake Life Insurance Company(r), Mid-West National Life Insurance Company of TennesseeSM and The MEGA Life and Health Insurance Company.SM > -----Original Message----- > From: IBM Mainframe Discussion List [mailto:[email protected]] > On Behalf Of Ed Gould > Sent: Tuesday, September 18, 2012 9:11 AM > To: [email protected] > Subject: Re: z/OS SYSLOG - why not let everybody read? > > John: > > Over the years auditors at my company have come up with a similar > question. While I give it to the auditors I do no give it out to say > the average person. > 1. I have seen passwords on the syslog. > 2. I have also seen arguments that have come up in meetings over how > operators replied to messages and other operator actions. They > (operators) do not want to be second guessed on day to day jobs (they > get enough if that from their boss and me). Any information that is > pertinent to the job is in their joblog end of story. > > Ed ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
