Previous topic |
Next topic |
Contents |
Contact z/OS |
Library |
PDF
IRRADU00 record format z/OS Security Server RACF Macros and Interfaces SA23-2288-00 |
|
The following topics contain a detailed description of the records that are produced by the RACF SMF data unload utility. The output of the utility is a series of records that represents the security relevant SMF data that is the input to the utility. These records are in a format suitable for export to the relational data manager of an installation's choice. Each record that is produced consists of two parts:
Each row in the tabular description of the records that are produced
by the utility contains five pieces of information:
In some cases, the input SMF record does not contain all of the data that are indicated in the output record mappings shown in the following sections. In these cases, IRRADU00 places blanks in the fields. For the audit records created for RACF® commands, the exact order and format of the unloaded keywords and operands from the commands (contained within the fields whose names end with "_SPECIFIED", "_IGNORED", and "_FAILED,") are not part of the programming interface. Furthermore, for RACF commands that allow segment fields to be specified (ADDUSER, ALTUSER, ADDGROUP, ALTGROUP, ADDSD, ALTDSD, RDEFINE, and RALTER), only the keywords that correspond to the base segment in the RACF database appear in the SMF unload fields whose names end with "_IGNORED" and "_FAILED". Keywords that correspond to segment fields in the RACF database, such as "TSO(ACCTNUM(1234))" or "SESSION(INTERVAL(20))" appear in fields whose names end with "_SPECIFIED", even if the segment keywords fail because of field level access checking. |
Copyright IBM Corporation 1990, 2014
|