The SATSEL control statement allows you to define which events from which UTM event class are to be logged using SAT (preselection of the events to be logged). This involves specifying the event class to which the events belong, and then restricting the logging procedure within each event class by defining whether only successful results or only unsuccessful results are to be logged.
The SATSEL statement can be issued several times. If an event class is specified in several SATSEL statements, the values entered in the first statement determine the logging mode.
If SAT logging is to be activated when the application is started, this must be defined during generation (MAX ...,SAT=ON).
If MAX ...,SAT=OFF is generated, you can use SATSEL to define the events to be logged in the generation, even if SAT logging is deactivated. In this case, the SATSEL statements are not effective, but SAT logging is predefined. When required, SAT logging can then be activated during operation (KDCMSAT administration command).
The event logging mode can also be defined using the SATSEL operand in the USER (user specific) and TAC (TAC-specific) statements. If entries are made in various statements, the following applies:
Logging is switched on as soon as it is activated in a statement. The logging mode (SUCC, FAIL, or BOTH) is unique.
SAT logging can be activated in several statements (SATSEL, USER, and TAC statements). If different logging modes are specified in the various statements, openUTM creates a superset of logging modes by ORing the individual settings. However, there is one exception: if an event class is set to OFF in the SATSEL statement, logging is deactivated for this event class even if it is activated in the USER or TAC statement. Further information on the possible combinations of SAT logging conditions and their effect can be found in the openUTM manual “Using UTM Applications on BS2000 Systems”.
Each event to be logged (apart from SIGN, CHANGE-PW) is assigned to a USER and TAC. Logging of an event can thus be activated using the SATSEL statement (activate logging for a particular event) or the SATSEL operand of the USER or TAC statement.
|
|
BOTH | Both successful and unsuccessful events of the class specified in EVENT are logged. |
SUCC | Only successful events of the class specified in EVENT are logged. SAT logging is also performed as defined in the SATSEL operand of the USER and TAC statements. |
FAIL | Only unsuccessful events of the class specified in EVENT are logged. SAT logging is also performed as defined in the SATSEL operand of the USER and TAC statements. |
NONE | Event-specific SAT logging is not performed. SAT logging takes place only if activated for a specific user and/or TAC. |
OFF | None of the events of the class specified in EVENT are logged, even if SAT logging has been activated in the USER or TAC command. This allows you to exclude events from logging which are not relevant to security (e.g. access to TLS areas), and thus to restrict the quantity of log data. |
EVENT=(event1, event2, ...) | |
Event classes to be logged. The following event classes can be selected: | |
SIGN | Events that occur when the user signs on. |
CHANGE-PW | Events that occur when the user password is changed. |
START-PU | Events that occur when starting a program unit run, or when accepting a dialog or asynchronous job. |
END-PU | Events that indicate the end of the program unit run. |
GSSB | Events that indicate access to a global secondary storage area (GSSB). |
TLS | Events that indicate access to a terminal-specific long-term storage area (TLS). |
ULS | Events that indicate access to a user-specific long-term storage area (ULS). |
ADM-CMD | Events that affect the execution of an administration command issued by direct input or via a program interface. |