in the Audit Report: The indication of the old status for operations, in the operation event and in the Audit Report A new TRL record (66) replaced the old operation event (23) to contain also the added information about status change"> in the Audit Report: The indication of the old status for operations, in the operation event and in the Audit Report A new TRL record (66) replaced the old operation event (23) to contain also the added information about status change">

Presentation is loading. Please wait.

Presentation is loading. Please wait.

© 2009 IBM Corporation IWS z/OS 9.3.0 SPEs Auditing enhancements.

Published byGloria Potter Modified over 8 years ago

Similar presentations

Presentation on theme: "© 2009 IBM Corporation IWS z/OS 9.3.0 SPEs Auditing enhancements."— Presentation transcript:

1 © 2009 IBM Corporation IWS z/OS 9.3.0 SPEs Auditing enhancements

2 © 2011 IBM Corporation IBM Confidential Agenda Auditing improvements for CP: PI48075 New auditing feature for database objects PI48133, PI54662

3 © 2011 IBM Corporation Tracking operation completion in case of MCP actions taken at occurrence level: – Occurrence manual "set to complete“ – Automatic completion of internal not completed predecessors when an operation is manually set to complete. IBM Confidential Enhancing Auditing for CP Activities: PI48075 Adding more information on the operation event => in the Audit Report: The indication of the old status for operations, in the operation event and in the Audit Report A new TRL record (66) replaced the old operation event (23) to contain also the added information about status change

4 © 2011 IBM Corporation IBM Confidential Agenda Auditing improvements for CP: PI48075 New auditing feature for database objects PI48133, PI54662

5 © 2011 IBM Corporation IBM Confidential Extended Auditing Highlights We need to log much more information than today. The JT logs are currently used also for auditing purposes but their main functionality is to be used for internal turn over and recovery processing. Thus we should not add new data to the JT logs that is not useful for this purpose and avoid overloading the JT files. We needed new JT-like sequential files (DB logs) to log all the DB records before and after the changes. This files need to be saved and archived, and we use the same processing currently running for the JT. The new data are logged optionally. Anew value is available for the AMOUNT parameter of the AUDIT statement to indicate to switch to Extended Auditing. These are the main considerations coming from customers’ needs:

6 © 2011 IBM Corporation IBM Confidential Extended Auditing Infrastructure: PI48133, PI54662 A new set of JT-like sequential datasets to log database activities: EQQDB*  EQQDBARC  EQQDB01-EQQDBnn  EQQDB01-EQQDBnn (where nn is the same number as JTs)  EQQDROUT TRL67 Apart from the standard (JT-like) TRL records for opening and closing datasets such as TRL 37 (20) 36, all the DB activities for which the Extended Auditing is enabled are logged in EQQDB* datasets by means of a new record: TRL67 that extends the old TRL32. When a TRL67 is logged in EQQDB*, the old, known TRL32 will NOT be logged in the EQQJT* (except when the Hot Standby Controller feature is active) All the controller messages regarding JT datasets switch and archiving have been changed to refer also to DB datasets when appropriate Here are the main internal highlights that support the design of Extended Auditing infractructure (1/2):

7 © 2011 IBM Corporation IBM Confidential Extended Auditing Infrastructure: PI48133, PI54662 BEFORE AFTER In case of MODIFY, both the old and new record of the database (BEFORE and AFTER) are logged in EQQDB* The EQQDB* MUST be the same number as EQQJT* and the SWITCH processing is always synchronized (e.g. At each CP backup)  EQQJTARC EQQDBARC  EQQJT01 EQQDB01... EQQJTnn EQQDBnn  EQQTROUT EQQDROUT In case EQQDBARC gets full, the Extended Auditing is automatically deactivated without causing the abend of the NMM task EQQDROUT is filled in by Daily Plan batch by using the same criterium used for EQQTROUT Here are the main internal highlights that support the design of Extended Auditing infractructure (2/2):

8 © 2011 IBM Corporation IBM Confidential Enabling Extended Auditing: PI48133, PI54662 Run EQQJOBS to create sample JCLs and set Y to activate the Extended Auditing. Run EQQJOBS to create Skeletons. EQQPCS14 Run the sample JCL EQQPCS14 to allocate the new EQQDB* datasets. Modify Controller JCL and Daily Plan batch jobs procedures to address the new DD EQQDB* statements (or copying the updated samples from the sample library). AMOUNT EXTENDED A new value to be assigned to the AMOUNT keyword of the AUDIT parameter, as an alternative to the already existing ones (INDEX and DATA) : EXTENDED At this point you are ready to start! Take the following steps to configure your environment for using the Extended Auditing Feature:

9 © 2011 IBM Corporation The EQQAUDIT code has been enhanced to read also the new DB logs. The processing of each DB record saved before and after the change allows to provide information about:  who (the user under which the request was executed);  how (Dialog, PIF, DWC), when (timestamp);  what (list of fields modified with old and new value) was changed. IBM Confidential Formatter

10 © 2011 IBM Corporation Formatter New INPUT DATASETs are now passed in the SYSIN to the EQQAUDIT program to produce DB logs reports: IBM Confidential

11 © 2011 IBM Corporation New PARMS can be passed in the SYSIN to the EQQAUDIT program to produce DB logs reports: – DBX, DBR to specify the input files – K (KEY),S (SUMMARY) or F (FULL) to select the report level for records and sections added or deleted – Record type (AD, WS, RD, RG, OI, JV, PER, CAL) – Object names (or keys) – Dates IBM Confidential Formatter

12 © 2011 IBM Corporation IBM Confidential Formatter //* IF YOU ARE USING DBX or DBR AS INPUT: //* ========================================================= //* POS 01-03: 'DBX','DBR' TO DEFINE WHAT INPUT FILES TO USE //* POS 04-04: EXTENDED AUDITING REPORT Level of information: //* Valid for delete or add action //* K - print key only //* S - print summary info (default) //* F - print complete info //* POS 05-08: FILE FILTERING: //* 'WS ','RD ','AD ','RUN ','OI ','JV ', //* 'PER ','CAL ',' ' //* POS 09-52: ACCORDING TO FILE FILTERING, ADDITIONAL KEY //* FILTERING: //* - WS WSNAME POS: 09-12 //* - RD RESOURCE NAME POS: 09-52 //* - AD AD NAME POS: 09-24 //* - RG RUN CYCLE GROUP POS: 09-16 //* - OI OIKEY POS: 09-27 //* ADID POS: 09-24 //* OPNO POS: 25-27 //* - JV TABLE NAME POS: 09-16 //* - PER PERIOD NAME POS: 09-16 //* - CAL CALENDAR NAME POS: 09-16 //* POS 53-57: FREE //* POS 58-67: FROM_DATE/TIME AS YYMMDDHHMM OR BLANK //* POS 68-77: TO_DATE/TIME AS YYMMDDHHMM OR BLANK

13 © 2011 IBM Corporation IBM Confidential Formatter Example to get a report:  from the DBX files  with all possible data (full)  for Application Description file  and just for application ANNARAFFACOND006

14 © 2011 IBM Corporation IBM Confidential Formatter Header and Common Section…

15 © 2011 IBM Corporation IBM Confidential Formatter Operation Section…

16 © 2011 IBM Corporation IBM Confidential Formatter..with Dependencies sections

17 © 2011 IBM Corporation IBM Confidential Formatter …with Conditions and Condition Dependencies sections

18 © 2011 IBM Corporation IBM Confidential Formatter …with Special Resource, Extented Info, User Fields, Var. Dur/Dead sections

19 © 2011 IBM Corporation IBM Confidential Formatter Run Cycle Section…

20 © 2011 IBM Corporation Questions?

Download ppt "© 2009 IBM Corporation IWS z/OS 9.3.0 SPEs Auditing enhancements."

Similar presentations

Recruitment Booster.

Recruitment Booster.
Main Menu F3 Exit = Press F3 to exit this screen. Commonly Use Keys: F4 Prompt = Position cursor in front of ‘?’ location and press F4 to display a list.

Main Menu F3 Exit = Press F3 to exit this screen. Commonly Use Keys: F4 Prompt = Position cursor in front of ‘?’ location and press F4 to display a list.
1 of 39 DA1245 Enhanced Transaction Tracking Last updated: March-2009 DA1245 Enhanced Transaction Tracking.

1 of 39 DA1245 Enhanced Transaction Tracking Last updated: March-2009 DA1245 Enhanced Transaction Tracking.
1099 Pro, Inc. – Software for 2004 1099 Pro Enterprise Edition Features.

1099 Pro, Inc. – Software for Pro Enterprise Edition Features.
Employee Contracts Overview PPMS User Group May 29, 2009 Rita Lauzon.

Employee Contracts Overview PPMS User Group May 29, 2009 Rita Lauzon.
South Dakota Library Network ALEPH Acquisitions Overview South Dakota Library Network 1200 University, Unit 9672 Spearfish, SD 57799 www.sdln.net © South.

South Dakota Library Network ALEPH Acquisitions Overview South Dakota Library Network 1200 University, Unit 9672 Spearfish, SD © South.
1 DB2 Access Recording Services Auditing DB2 on z/OS with “DBARS” A product developed by Software Product Research.

1 DB2 Access Recording Services Auditing DB2 on z/OS with “DBARS” A product developed by Software Product Research.
Oracle9i Database Administrator: Implementation and Administration 1 Chapter 12 System and Object Privileges.

Oracle9i Database Administrator: Implementation and Administration 1 Chapter 12 System and Object Privileges.
The Audit System for TWS z/OS

The Audit System for TWS z/OS
HORIZONT 1 ProcMan ® The Handover Process Manager Product Presentation HORIZONT Software for Datacenters Garmischer Str. 8 D- 80339 München Tel ++49(0)89.

HORIZONT 1 ProcMan ® The Handover Process Manager Product Presentation HORIZONT Software for Datacenters Garmischer Str. 8 D München Tel ++49(0)89.
Chapter 9 Chapter 9: Managing Groups, Folders, Files, and Object Security.

Chapter 9 Chapter 9: Managing Groups, Folders, Files, and Object Security.
Introduction of z/OS Basics © 2006 IBM Corporation Chapter 5: Working with data sets.

Introduction of z/OS Basics © 2006 IBM Corporation Chapter 5: Working with data sets.
Backup and Recovery Part 1.

Backup and Recovery Part 1.
HORIZONT 1 TWS/Audit The Audit System for TWS z/OS HORIZONT Software for Datacenters Garmischer Str. 8 D- 80339 München Tel ++49(0)89 / 540 162 - 0 www.horizont-it.com.

HORIZONT 1 TWS/Audit The Audit System for TWS z/OS HORIZONT Software for Datacenters Garmischer Str. 8 D München Tel ++49(0)89 /
HORIZONT 1 TWS/Audit The Audit System for TWS z/OS HORIZONT Software for Datacenters Garmischer Str. 8 D- 80339 München Tel ++49(0)89 / 540 162 - 0 www.horizont-it.com.

HORIZONT 1 TWS/Audit The Audit System for TWS z/OS HORIZONT Software for Datacenters Garmischer Str. 8 D München Tel ++49(0)89 /
Webinar Training Series New Year Rollover. Agenda Introduction/Purpose Documentation Planning & Preparation Configuring Option Sets Processing New Year.

Webinar Training Series New Year Rollover. Agenda Introduction/Purpose Documentation Planning & Preparation Configuring Option Sets Processing New Year.
DB Audit Expert v1.1 for Oracle Copyright © 1999-2002 SoftTree Technologies, Inc. This presentation is for DB Audit Expert for Oracle version 1.1 which.

DB Audit Expert v1.1 for Oracle Copyright © SoftTree Technologies, Inc. This presentation is for DB Audit Expert for Oracle version 1.1 which.
Microsoft Office Word 2013 Expert Microsoft Office Word 2013 Expert Courseware # 3251 Lesson 4: Working with Forms.

Microsoft Office Word 2013 Expert Microsoft Office Word 2013 Expert Courseware # 3251 Lesson 4: Working with Forms.
MS Access Advanced Instructor: Vicki Weidler Assistant:

MS Access Advanced Instructor: Vicki Weidler Assistant:
FAS New Features Martha Pluemer 2012 User Conference.

FAS New Features Martha Pluemer 2012 User Conference.

Similar presentations

Ads by Google