SYSLOG tells a lot about identities running in your system, and more specific, those who are assigned to STCs and the way they get it (STARTED class, ICHRIN03) and why. Assume that you allow STCs to run under the identity of a user with same name. It is easy to collect this information from IRR814I and IEF695I messages. Another issue is collecting information about how the system is configured (STCs that are running under the MSTR that writes to SYSLOG). In short, there is much to get from the SYSLOG that you don't want your users to know...
ITschak On Wed, Sep 19, 2012 at 3:17 PM, McKown, John <[email protected] > wrote: > I was stupid enough to enable that, back in OS/VS1 days. I wrote two CICS > transactions. One showed the initiators. The other showed the jobs > currently running. When I did this, I was envisioning the Production > Control people using them. Tech Services was in Operations at the time. I > was told to allow programmers to use them. War ensued. The programmers kept > calling the operators complaining that other jobs were running before > theirs. Or that they didn't like how the classes on the initiators were set > up. > > -- > John McKown > Systems Engineer IV > IT > > Administrative Services Group > > HealthMarkets(r) > > 9151 Boulevard 26 * N. Richland Hills * TX 76010 > (817) 255-3225 phone * > [email protected] * www.HealthMarkets.com > > Confidentiality Notice: This e-mail message may contain confidential or > proprietary information. If you are not the intended recipient, please > contact the sender by reply e-mail and destroy all copies of the original > message. HealthMarkets(r) is the brand name for products underwritten and > issued by the insurance subsidiaries of HealthMarkets, Inc. -The Chesapeake > Life Insurance Company(r), Mid-West National Life Insurance Company of > TennesseeSM and The MEGA Life and Health Insurance Company.SM > > > > -----Original Message----- > > From: IBM Mainframe Discussion List [mailto:[email protected]] > > On Behalf Of Thomas Kern > > Sent: Tuesday, September 18, 2012 6:46 PM > > To: [email protected] > > Subject: Re: z/OS SYSLOG - why not let everybody read? > > > > "Sensitive" data is very relative. Does Joe User REALLY deserve to see > > that Jane > > Consultant has been running jobs for that other department that has > > been getting a better > > budget than Joe? Joe gets to raise all holy hell to the Data Center > > Manager who comes down > > on us worthless sysprogs because WE let the cat out of the bag. > > > > /Tom Kern > > > > On 9/18/2012 09:30, McKown, John wrote: > > > Well, that's the general question. Is there any reason why the > > "average joe", regardless of job function, should *NOT* have the > > ability to look at SYSLOG? Does anybody put "sensitive" data out to it? > > > > > > > ---------------------------------------------------------------------- > > For IBM-MAIN subscribe / signoff / archive access instructions, > > send email to [email protected] with the message: INFO IBM-MAIN > > ---------------------------------------------------------------------- > For IBM-MAIN subscribe / signoff / archive access instructions, > send email to [email protected] with the message: INFO IBM-MAIN > ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
