Re: Sign on Activity Top Secret
You'll need 2 things... First, if TSSUTIL only listed violations, you may not be logging INIT events, in which case no log on audit data is being produced and thus no tool will be able to report what you are looking for. Check out the LOG control options and make sure you have INIT set: * INIT Logs all job/session initiations and terminations. Then, use TSSUTIL with report selection criteria such as: EVENT(INIT) FACILITY(TSO) Tom Chicklon -Original Message- From: IBM Mainframe Discussion List On Behalf Of Steely.Mark Sent: Wednesday, December 11, 2019 6:21 PM To: IBM-MAIN@LISTSERV.UA.EDU Subject: Sign on Activity Top Secret **CAUTION EXTERNAL EMAIL** **DO NOT open attachments or click on links from unknown senders or unexpected emails** Does someone have a program that can be shared - that will list all TSO sign-on ? I know it is SMF 80 record. I can write a program but I don't want to re-invent the wheel. The program can be SAS, EARL, ASM etc We are z/OS v2.2 and TSS v16. I looked at TSSUTIL but it only listed violations. CA / Broadcom documentation states: Use a report generator or program to produce customized reports based on the credential types used during signon activity. Any help would be appreciated. Thank You *** Disclaimer *** This communication (including all attachments) is solely for the use of the person to whom it is addressed and is a confidential AAA communication. If you are not the intended recipient, any use, distribution, printing, or copying is prohibited. If you received this email in error, please immediately delete it and notify the sender. -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN **CAUTION EXTERNAL EMAIL** **DO NOT open attachments or click on links from unknown senders or unexpected emails** This e-mail transmission contains information that is confidential and may be privileged. It is intended only for the addressee(s) named above. If you receive this e-mail in error, please do not read, copy or disseminate it in any manner. If you are not the intended recipient, any disclosure, copying, distribution or use of the contents of this information is prohibited. Please reply to the message immediately by informing the sender that the message was misdirected. After replying, please erase it from your computer system. Your assistance in correcting this error is appreciated. -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
Re: Sign on Activity Top Secret
You need to turn on the option to capture inits/terms. Then the report will have it. https://www.stigviewer.com/stig/zos_tss/2018-12-20/finding/V-203 Rob Schramm On Wed, Dec 11, 2019, 18:30 Gibney, Dave wrote: > Haven't looked, but you mention SAS. If you have SAS and don't have MXG, > then aside from being shortsighted, my comment won't help. > I would expect there is something in MXG that will get you close to your > desires. > > > -Original Message- > > From: IBM Mainframe Discussion List On > > Behalf Of Steely.Mark > > Sent: Wednesday, December 11, 2019 3:21 PM > > To: IBM-MAIN@LISTSERV.UA.EDU > > Subject: Sign on Activity Top Secret > > > > Does someone have a program that can be shared - that will list all TSO > sign- > > on ? > > > > I know it is SMF 80 record. I can write a program but I don't want to > re-invent > > the wheel. > > > > The program can be SAS, EARL, ASM etc > > We are z/OS v2.2 and TSS v16. I looked at TSSUTIL but it only listed > violations. > > CA / Broadcom documentation states: Use a report generator or program to > > produce customized reports based on the credential types used during > > signon activity. > > Any help would be appreciated. > > > > Thank You > > > > *** Disclaimer *** > > This communication (including all attachments) is solely for the use of > the > > person to whom it is addressed and is a confidential AAA communication. > If > > you are not the intended recipient, any use, distribution, printing, or > copying > > is prohibited. If you received this email in error, please immediately > delete it > > and notify the sender. > > > > -- > > For IBM-MAIN subscribe / signoff / archive access instructions, send > email to > > lists...@listserv.ua.edu with the message: INFO IBM-MAIN > > -- > For IBM-MAIN subscribe / signoff / archive access instructions, > send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN > -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
Re: Sign on Activity Top Secret
Haven't looked, but you mention SAS. If you have SAS and don't have MXG, then aside from being shortsighted, my comment won't help. I would expect there is something in MXG that will get you close to your desires. > -Original Message- > From: IBM Mainframe Discussion List On > Behalf Of Steely.Mark > Sent: Wednesday, December 11, 2019 3:21 PM > To: IBM-MAIN@LISTSERV.UA.EDU > Subject: Sign on Activity Top Secret > > Does someone have a program that can be shared - that will list all TSO sign- > on ? > > I know it is SMF 80 record. I can write a program but I don't want to > re-invent > the wheel. > > The program can be SAS, EARL, ASM etc > We are z/OS v2.2 and TSS v16. I looked at TSSUTIL but it only listed > violations. > CA / Broadcom documentation states: Use a report generator or program to > produce customized reports based on the credential types used during > signon activity. > Any help would be appreciated. > > Thank You > > *** Disclaimer *** > This communication (including all attachments) is solely for the use of the > person to whom it is addressed and is a confidential AAA communication. If > you are not the intended recipient, any use, distribution, printing, or > copying > is prohibited. If you received this email in error, please immediately delete > it > and notify the sender. > > -- > For IBM-MAIN subscribe / signoff / archive access instructions, send email to > lists...@listserv.ua.edu with the message: INFO IBM-MAIN -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
Sign on Activity Top Secret
Does someone have a program that can be shared - that will list all TSO sign-on ? I know it is SMF 80 record. I can write a program but I don't want to re-invent the wheel. The program can be SAS, EARL, ASM etc We are z/OS v2.2 and TSS v16. I looked at TSSUTIL but it only listed violations. CA / Broadcom documentation states: Use a report generator or program to produce customized reports based on the credential types used during signon activity. Any help would be appreciated. Thank You *** Disclaimer *** This communication (including all attachments) is solely for the use of the person to whom it is addressed and is a confidential AAA communication. If you are not the intended recipient, any use, distribution, printing, or copying is prohibited. If you received this email in error, please immediately delete it and notify the sender. -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN