blackhillsoftware.com

[Doc Farmer]

Greetings!

The tool so far has worked well. I'd like to know if you plan to add reporting/coverage for security records (SMF Type 80) and CICS activity (SMF Type 110). Both would be VERY helpful in my work, especially when checking for CICS transaction activity in CA-Top Secret environments where the transactions are not protected, or in RACF environments where the security profiles use asterisks (CE* instead of CEMT, CEDA, etc., as separate definitions).

Many thanks.

Doc Farmer
Senior Security Specialist
InfoSec, Inc.
http://www.InfoSecInc.com

[Andrew Rowley]

Hi, I am glad to hear it's working well.

I am planning to add more records. Which ones depends a lot on what people request, but security records are an obvious candidate.

I don't have a CICS background, so CICS is lower on the list simply because I don't know what information is useful. However if you can give me more information about what you want to see, that will help.

Regards

Andrew Rowley

[Doc Farmer]

Well, let's see:

• CICS Tran usage by User ID (summary and detail)
• CICS Tran usage per hour/day/week (summary/counts)
• CICS Tran start/end time - to find process durations over x.xxx seconds
• CICS Tran abends
• CICS Tran comparison to Type 80 (security) profile - successes, failures

Those ones are just off the top of my head.

[Andrew Rowley]

Thanks, that gives me some good information to start with.