Using the system exits of the Data Management System for the functions OPEN, FILE, ERASE and CATALOG, systems support can monitor access to files and limit it if necessary. The AUDIT operands in the CREATE-FILE-[GROUP]/MODIFY-FILE[-GROUP]-
ATTRIBUTES commands can be used to assign a flag to certain files. This flag is analyzed by the exit routines. For example, a check can be made on how often a certain file was opened or how many files were erased during a task. The exit routine can write the pertinent information temporarily into the task vector. A command or macro can also be rejected. File access monitoring of this type can be limited to certain user IDs and/or certain files.
ADD-USER/MODIFY-USER-ATTRIBUTES command
The FILE-AUDIT operand specifies for a user ID whether the user may modify the AUDIT attributes for their files using the CREATE-FILE-[GROUP]/ MODIFY-FILE[-GROUP]-ATTRIBUTES commands or the CATAL macro. Default value: FILE-AUDIT=NO.
Users can check the entry in the user catalog for their user IDs via the SHOW-USER-ATTRIBUTES command.
CREATE-FILE-[GROUP]/MODIFY-FILE[-GROUP]-ATTRIBUTES command
With the aid of the operand AUDIT=*NONE/*SUCCESS/*FAILURE/*ALL the user or systems support can specify for each file whether, and in what way, file access is to be monitored by the exit routines.
*NONE | Default value; no monitoring. |
*SUCCESS | command/macro processing which was completed successfully is monitored. |
*FAILURE | command/macro processing which was terminated with an error is monitored. |
*ALL | all command/macro processing is monitored. |
The contents of the AUDIT field in the catalog entry can be checked via the SHOW-FILE-ATTRIBUTES command/macro.
Position of the AUDIT indicator in the system tables (see appendix):
CATALOG parameter area:
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|