IBM Security Z Security


CARLa code to check usage of certificates

  • 1.  CARLa code to check usage of certificates

    Posted Thu July 07, 2022 07:39 AM

    Hi,

     

    I'm trying some CARLa code to get a report of RACF certificate usage (Access Monitor or SMF), but I seem to get nowhere.

     

    I'm trying to report on the usage of DIGTCERT and DIGTRING to see if a certificate is still used. We are in the process of decommissioning some applications, and to be sure that the certificates can be deleted, I need some reporting.

     

    I tried SMF:

     

    OPTION EMPTYLIST=HIDE REQUIRED
     Suppress CKFREEZE
     N TYPE=SMF N=SMFSEL
    S,
        CLASS=FACILITY   PROFILE=IRR.DIGTCERT.LIST

    SORTLIST,
      CERTIFICATE_ISSUER,
      CERTIFICATE_LABEL,
      CERTIFICATE_SERIAL,
      CERTIFICATE_SUBJECT

     

    Or

    OPTION EMPTYLIST=HIDE REQUIRED
     Suppress CKFREEZE
     N TYPE=SMF N=SMFSEL
    S,
        CLASS=FACILITY   PROFILE=IRR.DIGTCERT.LISTRING

    SORTLIST,
      CERTIFICATE_ISSUER,
      CERTIFICATE_LABEL,
      CERTIFICATE_SERIAL,
      CERTIFICATE_SUBJECT

     

    I tried Access Monitor:

     

    newlist type=access nodetailinherit required
     select ,class=DIGTCERT resource=**
    sortlist           class,
        resource          ,   access_count last_tod,
      jobname userid    access_proftype   ,
              access_profile         ,
              intent    ,
              access_allowed,
              access_result

     

    Or, instead of DIGTCERT, I used DIGTRING, but I'm still getting nowhere.

     

    Either I get errors, or I get an empty report.

     

    Any ideas?    

     

     

    Regards,

     

    Marc Massart

     

     

    Marc MASSART

    Mainframe Security & Risks - Consultant Mainframe Services - IT Mainframe Services

    BNP Paribas Fortis NV - Warandeberg 3, 1CP2A, 1000 Brussel

     

     
