openFT-AC checks the access rights of every FT request in which the protected system is involved and logs the results. This information is stored in FTAC logging records. In addition to the normal logging data (timestamps etc.), FTAC logging records contain the following information that is of importance to the FTAC administrator:
function of the FT request
reason for any rejections of the request by FTAC
transfer direction of the FT request
name of the partner system with which the FT request was/is to be carried out
LOGON authorization (USER-IDENTIFICATION) of the initiator of requests which were made in the local system (or *REMOTE for remote request initiators)
name and privileging identifier of any admission profiles used
the local file or library name (on BS2000 and z/OS)
FTAC only checks the admission for a request on the basis of the admission sets and admission profiles. Whether openFT can actually execute the request is logged by openFT in the FT or ADM log records.
The display of FTAC logging records cannot be turned off. However, the display can be restricted to requests rejected by FTAC or to modifying requests.
The FTAC administrator can obtain information about all the admission checks that FTAC has so far performed. This simplifies system review activities, for example.
Deleting logging records
The FT administrator and the FTAC administrator are the only users in the system who can not only view but also delete the FTAC logging records. The FT user can view only his own log records and may not delete log records.
FTAC logging records can only be deleted from the oldest date up to a specified date. This ensures that there will be no gaps in the log file up to the most current record.
In theory, FTAC can write any number of logging records (“until the disk is full”). From time to time, the FTAC administrator should make a backup of existing logging records (either print out a hard copy, make a copy on tape, or save a file in CSV format) and then delete these logging records from the log file. This ensures that the logging records provide a continuous record over an extended period of time and prevents the log file from getting too large. The FTAC administrator can change the current log file and retain older log records in offline log files.