"log user actions and tie said actions back to that user via a unique identifier"
That is not intrusion detection. Intrusion detection is a good thing, but it is basically looking for outsiders trying to get in. (Loosely speaking.) Not known users doing good and occasionally bad things. <commercial plug> https://correlog.com/mainframe-security-solutions/sas-correlog-mainframe/ + https://correlog.com/software/download-czdash-rcpt.html Does exactly what you describe. In real time. With alerts for the bad things to your cell phone or BMC Remedy, etc. See it live in action with "Soldier of Fortran" Phil Young: https://correlog.com/correlog-events/ (scroll down to the second section) </commercial plug> Charles -----Original Message----- From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] On Behalf Of esst...@juno.com Sent: Friday, July 14, 2017 3:28 PM To: IBM-MAIN@LISTSERV.UA.EDU Subject: Need Hep with HIDS and z/OS Hello, I'm not a security person. Need some help with HIDS and z/OS- What is HIDS You ask ? HIDS stands for Host Intrusion Detection System * I'm researching an issue for a business unit. I really know nothing about HIDS. . There requirement What they are looking for here is essentially a tool that has the functionality to log user actions and tie said actions back to that user via a unique identifier. ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
