There is a DB2 mailing list, run by IDUG. Google can find it for you. I do not *know* the DB2 answer for certain but I believe all RACF violations are caught internally by DB2 and reported as SQL completion codes. RACF manages the whole security process itself -- either (the old way) totally internally or (the new way) by interfacing with RACF, ACF2 or TSS. I believe you are not going to get "classic" RACF violation messages for DB2 security violations. (Nor for CICS, but I know even less about CICS.)
Charles -----Original Message----- From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] On Behalf Of Pierre Fichaud Sent: Friday, March 19, 2021 2:23 PM To: IBM-MAIN@LISTSERV.UA.EDU Subject: DB/2 and CICS security If a security (RACF) violation occurs in a CICS region, where does the violation get reported? I couldn't find anything in the CICS SMF records but I'll look again. Do they get reported in the JESMSGLG or in a CICS ? Does a CICS exit need to be installed? There's tons of documentation to go through. I figured it might be faster to use this forum to get an asnwer. I don't have a CICS system to play with at the moment. I need the same kind of info for DB/2. I've yet to check the SMF record layouts. Again I don't have a DB/2 system to play with. Thanks in advance, Pierre. ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN