IBM Security Z Security

Hi,

To list ACF2 resource rules I can use the AA.I panel. How do I do the same for DB2 rules?

At ACF prompt I would list regular resource rules like this, set ACF2 type code and list:

ACF

set resource(fac)

RESOURCE

list like(-)

But for DB2 rules I need to set DB2 type code and sysid:

ACF

set db2(tbl) sysid(****)

DB2

list like(-)

How do I achieve this from the zSecure panels?

Cheers,

Max

Hello Max,

zSecure Audit for ACF2 does not have any specific support for ACF2-DB2.

What can be seen in AA.S for all infostorage records is about all you would be able to display from the panels.

The following CARLa least would accomplish listing all existing DB2 rules (s info_class=D), if you are not using an unload:

n type=acf2_info

dsum info_class * typecode * smf_key

Regards, Mike

Hi Mike!

Thank you for the answer. I tried your carla but am not getting any results in D class:

C Count

C 1081

P 21175

S 45

X 2783

1 13

Have we missed something in our zSecure setup to see D class maybe?

Cheers,

Max

Hi Max,

This is because zSecure skips ACF2 records of a type it does not support, and that are not structured, so I was incorrect with the previous CARLa code.

You could try something like this:

deftype type=£recs                                     

alloc type=£recs dsn=<your.hlq>.BKINFO

n type=£recs                                           

 def quay as substr(record,33,40)                     

 def ityp as substr(record,33,1)                      

 s ityp=D                                             

 d quay        

Regards, Mike                                       

Hi Mike,

That worked much better. Thank you.

Cheers,

Max