Your Browser is not longer supported

Please use Google Chrome, Mozilla Firefox or Microsoft Edge to view the page correctly
Loading...

{{viewport.spaceProperty.prod}}

Refining selection with system exit no.110

&pagelevel(4)&pagelevel

System administration can initiate execution of a SAT exit routing via system exit no. 110. The SAT exit routine makes it possible to suppress the recording of certain auditable events.

A description of the general mode of operation of system exits and a detailed description of system exit 110 is provided in the “System Exits” manual [18].

Execution procedure for system exit 110

Before a SATLOG record is written to the SATLOG file, a copy of the audit record is passed to the system exit together with information about its length. The SATLOG record can be analyzed on the basis of the identifiers for SAT information (see tables starting on "Table of object-related events").

The SAT exit routine can then trigger one of the following, depending on the result of the analysis:

  • initiate selective responses (for example blocking a user ID after a certain number of failed LOGON attempts)

  • write a separate audit record (ANY event, $SATANY macro)

  • on return to SAT via the return code, allow or suppress writing of the analyzed audit record.

Security precautions

The security administrator must explicitly permit the exit routine calls with the MODIFY-SAT-PRESELECTION ...,EXIT=*YES command.

Only a copy of the audit record is passed to the exit, thus ensuring that the exit routine is unable to modify the contents of the record.

The exit routine is not invoked for any events for which the logging setting cannot be modified, nor is it invoked for the ANY event.

Exit routines are subsystems with freely selectable names. In a secure system, therefore, system administration should define naming conventions (in particular for system exit no. 110) which unambiguously identify the connection between subsystems and exit routines.

The security administrator has no control over the execution of exit routines. The loading of subsystems should therefore always be monitored in a secure system (in particular for system exit no. 110). To do that, the security administrator must use the /MODIFY-SAT-PRESELECTION command in order to select the events “activate subsystem” (SCR), “hold subsystem” (SHD), “resume subsystem” (SRS) and “deactivate subsystem” (SDL) for logging.

Powered by Atlassian Confluence and Scroll Viewport.