Hello, 

I am trying to use zSecure for various audit items my group needs to produce.  Can zSecure or zCARLa produce a report or display on the values in the OMVS USS filesystem, like '/etc/profile' for the 'umask=nnn' value, or the value of parameters used in the GSKSRVR for it's TCPIP.PAGENT when it initializes.  I'm new again to zSecure and trying to figure out how to use zSecure for all the audit items requested in addition to the RACF access which zSecure easily reports on. 

Thanks for taking my question.  

Hi Lynn,

that is a very generic question about the zSecure and CARLa capabilities for reporting about OMVS USS filesystem configuration and security settings. I am not quite certain if my interpretation of your question is accurate but I will attempt to provide you with some general pointers about OVMS/USS reporting in zSecure.

zSecure Audit supports a large variety of USS- and TCP/IP-related reports:

• • Option: Resource - IP stack (RE.I) produces up-to 14 different standard reports about TCP/IP settings and configuration depending on the reports that you select in the UI.
  • Option: Resource - UNIX (RE.U) provides a wealth of information about the configuration, security, and audit settings of USS file systems.
  • CARLa supports newlist types SYSTEM, UNIX, and 13 different IP-* newlist types that enable you to code your own TCP/IP reports or displays. 

These options might not provide answers to all examples that you mentioned in your question about OVMS USS reporting, but they might be helpful for a number of the audit items that your group needs to produce. 

For example, I know that zSecure supports field ETC_PROFILE_UMASK in newlist type SYSTEM  to report the umask of /etc/profile that you mention. However, according to me, zSecure currently does not support reporting about the content of the GSKSRVR configuration file.

I hope that you find this answer to be helpful. 

Hello, 

I am trying to use zSecure for various audit items my group needs to produce.  Can zSecure or zCARLa produce a report or display on the values in the OMVS USS filesystem, like '/etc/profile' for the 'umask=nnn' value, or the value of parameters used in the GSKSRVR for it's TCPIP.PAGENT when it initializes.  I'm new again to zSecure and trying to figure out how to use zSecure for all the audit items requested in addition to the RACF access which zSecure easily reports on. 

Thanks for taking my question.  

Thanks Tom for your help.  Could I somehow include the 'etc_profile_umask' from the 'SYSTEM Newlist' information into this report already included with zSecure 2.4.0?  Here's what I like so far:

n type=UNIX nodetailinherit name=UNIX1L,                                  

 ,                                                                        

 st="Files for paths resolving to /etc/profile"                           

 define type=unix any_acl true where extended_acl or,                     

   file_default_acl or directory_default_acl                              

 select ABS_PATHNAME="/etc/profile"                                       

 sortlist | rel_pathname(nondispl),                                        

          type attr any_acl("+",1,hb),                                    

          extattr auditflags owner(firstonly) group(firstonly),           

          rel_pathname(wrap 43) inode(10),                                

          uid(10) gid(10) link_count(10),                                 

        / "   Link target  :"(ne) link_target(wrap,0),                    

        / "   Audit concern:"(ne) auditconcern(wordwrap,0),               

        / "   Sensitivity  :"(ne) priv_senstype priv_concern(wordwrap,0)  

 summary / "Complex  System   Device",                                    

           "HFS mount point" ,                                             

         / complex system hfs_mountpoint(nondispl),                       

           dev(10) hfs_mountpoint(0,wrap) / /,                            

           "          T Filemode  + apsl AuF Owner    Group   ",          

           "Relative pathname (within HFS)                  ",            

           "Inode    User id   Group id Hard links" /                     

\/                                                                        

/*            

If I could include 'etc_profile_umask' in the Summary somehow - that would get it for me. 

Many thanks for help.

Lynn                         

Hi Lynn,

that is a very generic question about the zSecure and CARLa capabilities for reporting about OMVS USS filesystem configuration and security settings. I am not quite certain if my interpretation of your question is accurate but I will attempt to provide you with some general pointers about OVMS/USS reporting in zSecure.

zSecure Audit supports a large variety of USS- and TCP/IP-related reports:

• • Option: Resource - IP stack (RE.I) produces up-to 14 different standard reports about TCP/IP settings and configuration depending on the reports that you select in the UI.
  • Option: Resource - UNIX (RE.U) provides a wealth of information about the configuration, security, and audit settings of USS file systems.
  • CARLa supports newlist types SYSTEM, UNIX, and 13 different IP-* newlist types that enable you to code your own TCP/IP reports or displays. 

These options might not provide answers to all examples that you mentioned in your question about OVMS USS reporting, but they might be helpful for a number of the audit items that your group needs to produce. 

For example, I know that zSecure supports field ETC_PROFILE_UMASK in newlist type SYSTEM  to report the umask of /etc/profile that you mention. However, according to me, zSecure currently does not support reporting about the content of the GSKSRVR configuration file.

I hope that you find this answer to be helpful. 

Hello, 

I am trying to use zSecure for various audit items my group needs to produce.  Can zSecure or zCARLa produce a report or display on the values in the OMVS USS filesystem, like '/etc/profile' for the 'umask=nnn' value, or the value of parameters used in the GSKSRVR for it's TCPIP.PAGENT when it initializes.  I'm new again to zSecure and trying to figure out how to use zSecure for all the audit items requested in addition to the RACF access which zSecure easily reports on. 

Thanks for taking my question.  

Hi Lynn,

If you are current on maintenance, then the field is available with zSecure 2.4. It was added in the December 2020 service stream enhancement.

I think that the field can be included into the TYPE=UNIX summary, but the way I can think of is somewhat involved: write a SYSTEM report to an external file with SYSTEM in one column to serve as key for looking up ETC_PROFILE_UMASK. Then in another CARLa run, read that in as a DEFTYPE input file and do a lookup from the SYSTEM field in TYPE=UNIX. (This is assuming you do not have duplicate SYSTEM names.)

Regards,

Thanks Tom for your help.  Could I somehow include the 'etc_profile_umask' from the 'SYSTEM Newlist' information into this report already included with zSecure 2.4.0?  Here's what I like so far:

n type=UNIX nodetailinherit name=UNIX1L,                                  

 ,                                                                        

 st="Files for paths resolving to /etc/profile"                           

 define type=unix any_acl true where extended_acl or,                     

   file_default_acl or directory_default_acl                              

 select ABS_PATHNAME="/etc/profile"                                       

 sortlist | rel_pathname(nondispl),                                        

          type attr any_acl("+",1,hb),                                    

          extattr auditflags owner(firstonly) group(firstonly),           

          rel_pathname(wrap 43) inode(10),                                

          uid(10) gid(10) link_count(10),                                 

        / "   Link target  :"(ne) link_target(wrap,0),                    

        / "   Audit concern:"(ne) auditconcern(wordwrap,0),               

        / "   Sensitivity  :"(ne) priv_senstype priv_concern(wordwrap,0)  

 summary / "Complex  System   Device",                                    

           "HFS mount point" ,                                             

         / complex system hfs_mountpoint(nondispl),                       

           dev(10) hfs_mountpoint(0,wrap) / /,                            

           "          T Filemode  + apsl AuF Owner    Group   ",          

           "Relative pathname (within HFS)                  ",            

           "Inode    User id   Group id Hard links" /                     

\/                                                                        

/*            

If I could include 'etc_profile_umask' in the Summary somehow - that would get it for me. 

Many thanks for help.

Lynn                         

Hi Lynn,

that is a very generic question about the zSecure and CARLa capabilities for reporting about OMVS USS filesystem configuration and security settings. I am not quite certain if my interpretation of your question is accurate but I will attempt to provide you with some general pointers about OVMS/USS reporting in zSecure.

zSecure Audit supports a large variety of USS- and TCP/IP-related reports:

• • Option: Resource - IP stack (RE.I) produces up-to 14 different standard reports about TCP/IP settings and configuration depending on the reports that you select in the UI.
  • Option: Resource - UNIX (RE.U) provides a wealth of information about the configuration, security, and audit settings of USS file systems.
  • CARLa supports newlist types SYSTEM, UNIX, and 13 different IP-* newlist types that enable you to code your own TCP/IP reports or displays. 

These options might not provide answers to all examples that you mentioned in your question about OVMS USS reporting, but they might be helpful for a number of the audit items that your group needs to produce. 

For example, I know that zSecure supports field ETC_PROFILE_UMASK in newlist type SYSTEM  to report the umask of /etc/profile that you mention. However, according to me, zSecure currently does not support reporting about the content of the GSKSRVR configuration file.

I hope that you find this answer to be helpful. 

Hello, 

I am trying to use zSecure for various audit items my group needs to produce.  Can zSecure or zCARLa produce a report or display on the values in the OMVS USS filesystem, like '/etc/profile' for the 'umask=nnn' value, or the value of parameters used in the GSKSRVR for it's TCPIP.PAGENT when it initializes.  I'm new again to zSecure and trying to figure out how to use zSecure for all the audit items requested in addition to the RACF access which zSecure easily reports on. 

Thanks for taking my question.  

Thanks much for your help.  We are on 2.4.0 and I confirm with the dialog in zSecure ISPF for the Data Dictionary  (IN.D.1) for 'newlist SYSTEM.  The resulting list shows the 'ETC_PROFILE_UMASK' field .

Are there any samples of writing the SYSTEM report to pull that one element 'ETC_PROFILE_UMASK' to a sequential file and using as input to the next CARLA step?  

Many thanks for your reply.

Lynn

Hi Lynn,

If you are current on maintenance, then the field is available with zSecure 2.4. It was added in the December 2020 service stream enhancement.

I think that the field can be included into the TYPE=UNIX summary, but the way I can think of is somewhat involved: write a SYSTEM report to an external file with SYSTEM in one column to serve as key for looking up ETC_PROFILE_UMASK. Then in another CARLa run, read that in as a DEFTYPE input file and do a lookup from the SYSTEM field in TYPE=UNIX. (This is assuming you do not have duplicate SYSTEM names.)

Regards,

Thanks Tom for your help.  Could I somehow include the 'etc_profile_umask' from the 'SYSTEM Newlist' information into this report already included with zSecure 2.4.0?  Here's what I like so far:

n type=UNIX nodetailinherit name=UNIX1L,                                  

 ,                                                                        

 st="Files for paths resolving to /etc/profile"                           

 define type=unix any_acl true where extended_acl or,                     

   file_default_acl or directory_default_acl                              

 select ABS_PATHNAME="/etc/profile"                                       

 sortlist | rel_pathname(nondispl),                                        

          type attr any_acl("+",1,hb),                                    

          extattr auditflags owner(firstonly) group(firstonly),           

          rel_pathname(wrap 43) inode(10),                                

          uid(10) gid(10) link_count(10),                                 

        / "   Link target  :"(ne) link_target(wrap,0),                    

        / "   Audit concern:"(ne) auditconcern(wordwrap,0),               

        / "   Sensitivity  :"(ne) priv_senstype priv_concern(wordwrap,0)  

 summary / "Complex  System   Device",                                    

           "HFS mount point" ,                                             

         / complex system hfs_mountpoint(nondispl),                       

           dev(10) hfs_mountpoint(0,wrap) / /,                            

           "          T Filemode  + apsl AuF Owner    Group   ",          

           "Relative pathname (within HFS)                  ",            

           "Inode    User id   Group id Hard links" /                     

\/                                                                        

/*            

If I could include 'etc_profile_umask' in the Summary somehow - that would get it for me. 

Many thanks for help.

Lynn                         

Hi Lynn,

that is a very generic question about the zSecure and CARLa capabilities for reporting about OMVS USS filesystem configuration and security settings. I am not quite certain if my interpretation of your question is accurate but I will attempt to provide you with some general pointers about OVMS/USS reporting in zSecure.

zSecure Audit supports a large variety of USS- and TCP/IP-related reports:

• • Option: Resource - IP stack (RE.I) produces up-to 14 different standard reports about TCP/IP settings and configuration depending on the reports that you select in the UI.
  • Option: Resource - UNIX (RE.U) provides a wealth of information about the configuration, security, and audit settings of USS file systems.
  • CARLa supports newlist types SYSTEM, UNIX, and 13 different IP-* newlist types that enable you to code your own TCP/IP reports or displays. 

These options might not provide answers to all examples that you mentioned in your question about OVMS USS reporting, but they might be helpful for a number of the audit items that your group needs to produce. 

For example, I know that zSecure supports field ETC_PROFILE_UMASK in newlist type SYSTEM  to report the umask of /etc/profile that you mention. However, according to me, zSecure currently does not support reporting about the content of the GSKSRVR configuration file.

I hope that you find this answer to be helpful. 

Hello, 

I am trying to use zSecure for various audit items my group needs to produce.  Can zSecure or zCARLa produce a report or display on the values in the OMVS USS filesystem, like '/etc/profile' for the 'umask=nnn' value, or the value of parameters used in the GSKSRVR for it's TCPIP.PAGENT when it initializes.  I'm new again to zSecure and trying to figure out how to use zSecure for all the audit items requested in addition to the RACF access which zSecure easily reports on. 

Thanks for taking my question.  

Thanks much for your help.  We are on 2.4.0 and I confirm with the dialog in zSecure ISPF for the Data Dictionary  (IN.D.1) for 'newlist SYSTEM.  The resulting list shows the 'ETC_PROFILE_UMASK' field .

Are there any samples of writing the SYSTEM report to pull that one element 'ETC_PROFILE_UMASK' to a sequential file and using as input to the next CARLA step?  

Many thanks for your reply.

Lynn

Hi Lynn,

If you are current on maintenance, then the field is available with zSecure 2.4. It was added in the December 2020 service stream enhancement.

I think that the field can be included into the TYPE=UNIX summary, but the way I can think of is somewhat involved: write a SYSTEM report to an external file with SYSTEM in one column to serve as key for looking up ETC_PROFILE_UMASK. Then in another CARLa run, read that in as a DEFTYPE input file and do a lookup from the SYSTEM field in TYPE=UNIX. (This is assuming you do not have duplicate SYSTEM names.)

Regards,

Thanks Tom for your help.  Could I somehow include the 'etc_profile_umask' from the 'SYSTEM Newlist' information into this report already included with zSecure 2.4.0?  Here's what I like so far:

n type=UNIX nodetailinherit name=UNIX1L,                                  

 ,                                                                        

 st="Files for paths resolving to /etc/profile"                           

 define type=unix any_acl true where extended_acl or,                     

   file_default_acl or directory_default_acl                              

 select ABS_PATHNAME="/etc/profile"                                       

 sortlist | rel_pathname(nondispl),                                        

          type attr any_acl("+",1,hb),                                    

          extattr auditflags owner(firstonly) group(firstonly),           

          rel_pathname(wrap 43) inode(10),                                

          uid(10) gid(10) link_count(10),                                 

        / "   Link target  :"(ne) link_target(wrap,0),                    

        / "   Audit concern:"(ne) auditconcern(wordwrap,0),               

        / "   Sensitivity  :"(ne) priv_senstype priv_concern(wordwrap,0)  

 summary / "Complex  System   Device",                                    

           "HFS mount point" ,                                             

         / complex system hfs_mountpoint(nondispl),                       

           dev(10) hfs_mountpoint(0,wrap) / /,                            

           "          T Filemode  + apsl AuF Owner    Group   ",          

           "Relative pathname (within HFS)                  ",            

           "Inode    User id   Group id Hard links" /                     

\/                                                                        

/*            

If I could include 'etc_profile_umask' in the Summary somehow - that would get it for me. 

Many thanks for help.

Lynn                         

Hi Lynn,

that is a very generic question about the zSecure and CARLa capabilities for reporting about OMVS USS filesystem configuration and security settings. I am not quite certain if my interpretation of your question is accurate but I will attempt to provide you with some general pointers about OVMS/USS reporting in zSecure.

zSecure Audit supports a large variety of USS- and TCP/IP-related reports:

• • Option: Resource - IP stack (RE.I) produces up-to 14 different standard reports about TCP/IP settings and configuration depending on the reports that you select in the UI.
  • Option: Resource - UNIX (RE.U) provides a wealth of information about the configuration, security, and audit settings of USS file systems.
  • CARLa supports newlist types SYSTEM, UNIX, and 13 different IP-* newlist types that enable you to code your own TCP/IP reports or displays. 

These options might not provide answers to all examples that you mentioned in your question about OVMS USS reporting, but they might be helpful for a number of the audit items that your group needs to produce. 

For example, I know that zSecure supports field ETC_PROFILE_UMASK in newlist type SYSTEM  to report the umask of /etc/profile that you mention. However, according to me, zSecure currently does not support reporting about the content of the GSKSRVR configuration file.

I hope that you find this answer to be helpful. 

Hello, 

I am trying to use zSecure for various audit items my group needs to produce.  Can zSecure or zCARLa produce a report or display on the values in the OMVS USS filesystem, like '/etc/profile' for the 'umask=nnn' value, or the value of parameters used in the GSKSRVR for it's TCPIP.PAGENT when it initializes.  I'm new again to zSecure and trying to figure out how to use zSecure for all the audit items requested in addition to the RACF access which zSecure easily reports on. 

Thanks for taking my question.  

Fields from the SYSTEM newlist can usually be added into reports from other newlist types using lookup or indirect reference.

It follows that you could insert a line into your SORTLIST command like so

 / "   Compliant UMASK found:" :system.etc_profile_umask, 

or

 / "   Compliant UMASK found:" system:system.system.etc_profile_umask, 

since you will only list the attributes of /etc/profile.

Thanks much for your help.  We are on 2.4.0 and I confirm with the dialog in zSecure ISPF for the Data Dictionary  (IN.D.1) for 'newlist SYSTEM.  The resulting list shows the 'ETC_PROFILE_UMASK' field .

Are there any samples of writing the SYSTEM report to pull that one element 'ETC_PROFILE_UMASK' to a sequential file and using as input to the next CARLA step?  

Many thanks for your reply.

Lynn

Hi Lynn,

If you are current on maintenance, then the field is available with zSecure 2.4. It was added in the December 2020 service stream enhancement.

I think that the field can be included into the TYPE=UNIX summary, but the way I can think of is somewhat involved: write a SYSTEM report to an external file with SYSTEM in one column to serve as key for looking up ETC_PROFILE_UMASK. Then in another CARLa run, read that in as a DEFTYPE input file and do a lookup from the SYSTEM field in TYPE=UNIX. (This is assuming you do not have duplicate SYSTEM names.)

Regards,

Thanks Tom for your help.  Could I somehow include the 'etc_profile_umask' from the 'SYSTEM Newlist' information into this report already included with zSecure 2.4.0?  Here's what I like so far:

n type=UNIX nodetailinherit name=UNIX1L,                                  

 ,                                                                        

 st="Files for paths resolving to /etc/profile"                           

 define type=unix any_acl true where extended_acl or,                     

   file_default_acl or directory_default_acl                              

 select ABS_PATHNAME="/etc/profile"                                       

 sortlist | rel_pathname(nondispl),                                        

          type attr any_acl("+",1,hb),                                    

          extattr auditflags owner(firstonly) group(firstonly),           

          rel_pathname(wrap 43) inode(10),                                

          uid(10) gid(10) link_count(10),                                 

        / "   Link target  :"(ne) link_target(wrap,0),                    

        / "   Audit concern:"(ne) auditconcern(wordwrap,0),               

        / "   Sensitivity  :"(ne) priv_senstype priv_concern(wordwrap,0)  

 summary / "Complex  System   Device",                                    

           "HFS mount point" ,                                             

         / complex system hfs_mountpoint(nondispl),                       

           dev(10) hfs_mountpoint(0,wrap) / /,                            

           "          T Filemode  + apsl AuF Owner    Group   ",          

           "Relative pathname (within HFS)                  ",            

           "Inode    User id   Group id Hard links" /                     

\/                                                                        

/*            

If I could include 'etc_profile_umask' in the Summary somehow - that would get it for me. 

Many thanks for help.

Lynn                         

Hi Lynn,

that is a very generic question about the zSecure and CARLa capabilities for reporting about OMVS USS filesystem configuration and security settings. I am not quite certain if my interpretation of your question is accurate but I will attempt to provide you with some general pointers about OVMS/USS reporting in zSecure.

zSecure Audit supports a large variety of USS- and TCP/IP-related reports:

• • Option: Resource - IP stack (RE.I) produces up-to 14 different standard reports about TCP/IP settings and configuration depending on the reports that you select in the UI.
  • Option: Resource - UNIX (RE.U) provides a wealth of information about the configuration, security, and audit settings of USS file systems.
  • CARLa supports newlist types SYSTEM, UNIX, and 13 different IP-* newlist types that enable you to code your own TCP/IP reports or displays. 

These options might not provide answers to all examples that you mentioned in your question about OVMS USS reporting, but they might be helpful for a number of the audit items that your group needs to produce. 

For example, I know that zSecure supports field ETC_PROFILE_UMASK in newlist type SYSTEM  to report the umask of /etc/profile that you mention. However, according to me, zSecure currently does not support reporting about the content of the GSKSRVR configuration file.

I hope that you find this answer to be helpful. 

Hello, 

I am trying to use zSecure for various audit items my group needs to produce.  Can zSecure or zCARLa produce a report or display on the values in the OMVS USS filesystem, like '/etc/profile' for the 'umask=nnn' value, or the value of parameters used in the GSKSRVR for it's TCPIP.PAGENT when it initializes.  I'm new again to zSecure and trying to figure out how to use zSecure for all the audit items requested in addition to the RACF access which zSecure easily reports on. 

Thanks for taking my question.