Took the easy way out. Superseded all ICH408I messages from SYSLOG which have USER( at the front of word two. I see no need for them. We use SMF records for reporting. On Sep 18, 2012 10:18 AM, "McKown, John" <[email protected]> wrote:
> I have seen that. And other strange keying errors. PEBKAC. Now that you > mention it, I may use a CA-OPS/MVS rule to "blank out" portions of the > ICH408I messages. Say in the USER(...), GROUP(...) and NAME(...) portions. > I don't use them anyway. I use the SMF records. > > -- > John McKown > Systems Engineer IV > IT > > Administrative Services Group > > HealthMarkets® > > 9151 Boulevard 26 • N. Richland Hills • TX 76010 > (817) 255-3225 phone • > [email protected] • www.HealthMarkets.com > > Confidentiality Notice: This e-mail message may contain confidential or > proprietary information. If you are not the intended recipient, please > contact the sender by reply e-mail and destroy all copies of the original > message. HealthMarkets® is the brand name for products underwritten and > issued by the insurance subsidiaries of HealthMarkets, Inc. –The Chesapeake > Life Insurance Company®, Mid-West National Life Insurance Company of > TennesseeSM and The MEGA Life and Health Insurance Company.SM > > > > -----Original Message----- > > From: IBM Mainframe Discussion List [mailto:[email protected]] > > On Behalf Of Paul Gilmartin > > Sent: Tuesday, September 18, 2012 10:13 AM > > To: [email protected] > > Subject: Re: z/OS SYSLOG - why not let everybody read? > > > > On Tue, 18 Sep 2012 09:21:11 -0500, Elardus Engelbrecht wrote: > > > > >Ed Gould wrote: > > > > > >>1. I have seen passwords on the syslog. > > > > > >Can you show any example(s) of such messages? Of course you can mask > > out the passwords before posting. ;-) > > >Was that by design [1] or by operator error? Was that a verbatim copy > > of some command? > > > > > It's easy for a user to tab to the wrong field and inadvertently > > type a password in the user ID field. The user may correct the > > error and continue, not realizing that the password may now > > appear in SYSLOG. > > > > Mistake? Sure. Process violation? Sure. Security exposure > > nonetheless. > > > > -- gil > > > > ---------------------------------------------------------------------- > > For IBM-MAIN subscribe / signoff / archive access instructions, > > send email to [email protected] with the message: INFO IBM-MAIN > > > ---------------------------------------------------------------------- > For IBM-MAIN subscribe / signoff / archive access instructions, > send email to [email protected] with the message: INFO IBM-MAIN > ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
