Thank you Tom adding this statement resolved the fields when combining the newlists.
Original Message:
Sent: Thu January 16, 2025 04:55 AM
From: Tom Zeehandelaar
Subject: Access Monitor Mixing Newlist Types
Hi Scott,
frankly, I am not entirely sure what is the cause of this behavior that you report when combining the newlist types ACCESS and RACF_ACCESS in a single job.
However, when you add statement:
simulate racf_access
To your CARLa code, the SIM_ fields are resolved as you expected.
I hope this helps.
------------------------------
Tom Zeehandelaar
z/OS Security Enablement Specialist - zSecure developer
IBM
Original Message:
Sent: Wed January 15, 2025 04:52 PM
From: Scott Lahner
Subject: Access Monitor Mixing Newlist Types
I was running an Access Monitor batch job in one Carla step with 2 different Newlist types(TYPE=ACCESS & TYPE=RACF_ACCESS), to produce 2 separate reports. When I ran the job with both newlists in the same step , the 1st report was missing values for SIM_VIA, SIM_VIA_GROUPS & SIM_PROFILE.
If I remove the 2nd Newlist (type=racf_access) from the step, I successfully receive values for each SIM_VIA, SIM_VIA_GROUPS & SIM_PROFILE.
Is this an expected result when mixing Newlist types and reading Access Monitor data?
1st Newlist
NEWLIST TYPE=ACCESS DD=FILE1 PL=0
SELECT CLASS=FACILITY RESOURCE=STGADMIN.*
SORTLIST LAST_TOD USERID SYSTEM(5),
ACCESS_PROFILE,
INTENT SIM_VIA SIM_VIA_GROUPS SIM_PROFILE,
CLASS,RESOURCE
2nd Newlist
NEWLIST TYPE=RACF_ACCESS DD=FILE2
DEFINE TOTAL SUM(ACCESS_COUNT_VIO)
SELECT CLASS=(FACILITY) PROFILE=STGADMIN.*,
ACCESS_COUNT_VIO>0
SORTLIST ID CLASS PROFILE PROFTYPE ACCESS_FIRSTUSE ,
ACCESS_LASTUSE ACCESS(9) ACCESS_COUNT_VIO(6) ACCESS_COUNT_SUC(7),
ACCESS_INTENT_MAX_SUC(7) ACCESS_INTENT_MIN_VIO(7)
SUMMARY TOTAL
------------------------------
Scott Lahner
------------------------------