Gadi Ben-Avi wrote: >I would like to prevent a user from accessing the SMF log >streams.... >Is there anything else that I need to define?
To add to earlier replies, it's prudent to encrypt your log stream data sets so that you're fully blocking unauthorized user access, even from storage administrators for example. You can enable log stream data set encryption in z/OS 2.2 (with the z/OS Data Set Encryption PTFs) or higher on IBM z114/z196 machines or higher. (z/OS 2.1 with PTFs has some awareness of encrypted log stream data sets but cannot create them.) There are some potential performance implications to consider on machines prior to the z14 models, but you shouldn't treat such implications as a veto even if they exist. Security is also quite important and keeps getting more important. For more information, try this link (z/OS 2.3 documentation): https://www.ibm.com/support/knowledgecenter/en/SSLTBW_2.3.0/com.ibm.zos.v2r3.ieaf100/enclogstrds.htm -------------------------------------------------------------------------------------------------------- Timothy Sipples IT Architect Executive, Industry Solutions, IBM Z & LinuxONE -------------------------------------------------------------------------------------------------------- E-Mail: [email protected] ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
