THANK YOU to Adam and to Rob for reminding me how to do this basic stuff. And of course now that I have been reminded how to do this, it has spawned another weird issue.
I'm trying to determine how best to change UACC=READ on our VTAMLST dataset per an audit recommendation. So I ran Access Monitor against the VTAMLST dataset to see who's been using it. A series of TSO ID's and STC ID's were reported.
But our VTAM started task, which runs under userid $NET, did not show up in the access list.
This obviously can't be right, so in Access Monitor option 1, I requested all accesses (since 1/1/2021) for userid $NET. It read thousands of AM records and came back with "Nothing selected". How is that possible?
This is the output from the started task, we all can see it reads VTAMLST at startup on January 17:
---- SUNDAY, 17 JAN 2021 ----
IEF695I START NET WITH JOBNAME NET IS ASSIGNED TO USER $NET <====
$HASP373 NET STARTED
IEF403I NET - STARTED - TIME=00.39.10
IST116I MEMBER ATCSTR00 NOT FOUND ON VTAM DEFINITION LIBRARY
IST054I ATCSTR00 IN VTAMLST NOT FOUND - START PROCESSING CONTINUES <====
Why then is access monitor not reporting ANY historical access at all for this critical system task? Should I be reporting this as a product issue?
Thanks in advance.
------------------------------
David Malbuff
------------------------------
Original Message:
Sent: Tue February 09, 2021 09:25 AM
From: Rob van Hoboken
Subject: Access Monitor dataset profile records
If you put a / in front of "Further selection" you can limit the reported users/resources to update or more:
Action against resource Intended access Result
Define > 1 1. Read / Success
Delete 2. Update No profile
Addvol 3. Control Not authorized
Chgvol 4. Alter Other
and when you add a / in front of "Show simulated fields", it finds the group(s) that match both the user's connect groups and the data set's profile with the intended access or more. Look for this info at the end of the details panel (keep drilling down through the summary levels). This may help you spot the minimum number of groups to put on the ACL of your new profiles.
------------------------------
Rob van Hoboken
------------------------------