Domain: | SECURITY-ADMINISTRATION |
Privileges: | SECURITY-ADMINISTRATION, SAT-FILE-MANAGEMENT |
The /SHOW-SAT-STATUS command can be used by the security administrator and the SAT file manager to request the output of information on SAT auditing.
SHOW-SAT-STATUS | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
INFORMATION =
This defines the type of information to be output.
INFORMATION = *SUMMARY
The information described under LOGGING-STATUS, COLLECTION-FILE and
PRESELECTION-RULE is to be output. For reasons of compatibility the value *STD is still supported when used instead of *SUMMARY.
INFORMATION = *LOGGING-STATUS
The current SAT status (RECORD, HOLD, NO RESOURCE, SHUTDOWN) is to be output.
INFORMATION = *COLLECTION-FILE
The attributes of the SATLOG file (Name, SUPPORT, BUFFER-LENGTH, PRIMARY-ALLOCATION and SECONDARY-ALLOCATION) are to be output.
INFORMATION = *PRESELECTION-RULE
Displays the following information:
the current selection rule: *INDEPENDENT or *FILES-BY-EVENTS
the recording scope: *STD or *EXTENDED
the EXIT activation: *YES or *NO.
the default value for the audit setting for newly created user IDs: *ON or *OFF.
INFORMATION = *EVENT-AUDITING(...)
Information about events is to be output.
EVENT-NAME = *ALL(...)
The events to which a certain auditing setting applies are to be output.
AUDIT-SWITCH = *IGNORE
A list of all events is to be output, irrespective of whether or not they have been selected for auditing.
AUDIT-SWITCH = *ON(...)
A list of those events is to be output which have been selected for auditing. This includes permanent selection (audit state *ON) as well as temporary selection (audit state ON).
RESULT = *ALL / *SUCCESS / *FAILURE
A list of those events is to be output which have been selected for auditing and
whose audit attributes match the specified RESULT value.
AUDIT-SWITCH = *OFF
A list of all events not selected for auditing is to be output.
EVENT-NAME = <name 3..3>
The auditing settings for the specified events are to be output. The entry consists of the 3-character name of the event type, e.g. FCD, FRD,... (see “Table of object-related events”).
INFORMATION = *USER-AUDITING(...)
The users selected for auditing are to be output.
USER-IDENTIFICATION = *ALL-SWITCHABLE(...)
All user IDs are to be output for which auditing may be activated/deactivated (“switchable” user IDs) and which have a specific audit attribute (the user ID of the security administrator, SYSAUDIT and user IDs possessing the SAT-FILE-
MANAGEMENT privilege are not switchable).
AUDIT-SWITCH = *IGNORE / *ON / *OFF
The audit attribute of the “switchable” user IDs is to be either applicable/not applicable or to be ignored (default value).
USER-IDENTIFICATION = *ALL(...)
All user IDs with a specific audit attribute are to be output.
AUDIT-SWITCH = *IGNORE / *ON / *OFF
The audit attribute of the user IDs is to be either applicable/not applicable or to be ignored (default value).
USER-IDENTIFICATION = <name 1..8>
The auditing settings for the specified user ID are to be output.
OUTPUT = *SYSOUT
The requested information is to be output to SYSOUT.
OUTPUT = *SYSLST(...)
The requested information is to be output to SYSLST.
LINES-PER-PAGE = 64 / <integer 20..255>
This defines the number of lines on the output page.
VALUE = *CURRENT / *STD / *NEXT-SESSION
This specifies which information is to be output:
the currently valid values, the default values or the values which will be valid in the next session. The list of user IDs is not output unless INFORMATION=*USER-AUDITING and VALUE=*CURRENT have been specified.
Command return codes
(SC2) | SC1 | Maincode | Meaning |
0 | CMD0001 | Command successfully executed | |
32 | SAT0000 | Unrecoverable error | |
32 | CMD2009 | System error during output of S variables | |
64 | SAT1000 | User not privileged for command | |
64 | SAT1020 | Event already exists in event list | |
64 | SAT1030 | User already exists in user list | |
64 | SAT1040 | Information already exists in information list | |
64 | SAT1060 | No information available | |
64 | OPS0002 | Output of S variables has been aborted | |
128 | SAT1010 | Another command is currently being processed | |
128 | SAT1080 | Exchange being prepared | |
128 | SAT4010 | SAT parameter file not currently available | |
130 | OPS0001 | It was not possible to output the S variables |
Notes
An error message is returned if one or more of the specified user IDs does not exist in the user catalog. The command is executed for those user IDs present in the user catalog. The same rule applies to unknown event types.
The command is rejected if the list of events contains the same event more than once. The same rule applies to the list of user IDs.
If the audit setting for an event or a user is preceded by an asterisk (*) this setting cannot be altered.
Example:
USER-AUDITING
SYSAUDIT *ON SYSPRIV *ON TSOS OFF
See also the general notes on SAT commands in "Functional overview".
Examples
The security administrator wishes to have information about the current status of SAT, about the assigned SATLOG file and the valid linkage rule:
/show-sat-statusThis command provides the following output:
SAT SUBSYSTEM VERSION 05.6A10 VALUE = CURRENT LOGGING-STATUS : RECORD COLLECTION-FILE(SATLOG) : FILENAME : :A:$SYSAUDIT.SYS.SATLOG.2021-10-06.003.01 STATUS : OPENED BLOCK : (STD,2) SPACE : (1002,1002) REPEAT : NO WAITING FOR PUBSET : *STD PRESELECTION-RULE : INDEPENDENT BY-EXIT : NO LOGGING-QUANTITY : STD USER-AUDITING DEFAULT : ON
Waiting for pubset outputs:
• *STD : Standard processing. Home pubset will be preferred for SATLOG.
• *NO : SATLOG is already located on selected pubset.
• <pubset_name> : SATLOG will move if named pubset is imported.The security administrator wishes to restrict the output to those events explicitly selected for auditing (RESULT = ALL). This is done by entering the following command:
/show-sat-status information= -/ *event-auditing(event-name=*all(audit-switch=*on(result=*all)))or its abbreviated form:
/show-sat-stat inf=*event-audit(event-name=*all(audit-switch=*on))The security administrator wishes to
output the selection parameters for all events
output information on the selection parameters for the user IDs BILL, HUGO and JAMES.
This is done by entering the following command:
/show-sat-status information=( -/ *event-auditing(event-name=*all), -/ *user-auditing(user-identification=(bill,hugo,james)))or its abbreviated form:
/show-sat-stat (event-audit,user-audit((bill,hugo,james)))
Output in S variables
The INFORMATION operand of this command specifies which S variables are assigned values. The possible entries for INFORMATION are as follows:
Notation in command | Abbreviated notation in table |
INFORMATION = SUMMARY | 1 |
INFORMATION = LOGGING-STATUS | 2 |
INFORMATION = COLLECTION-FILE | 3 |
INFORMATION = PRESELECTION-RULE | 4 |
INFORMATION = EVENT-AUTDITING | 5 |
INFORMATION = USER-AUDITING | 6 |
Additional conditions which interact with the specifications of INFORMATION:
Additional conditions | Abbreviated notation in table |
Value assignment, only if LOG-F.REPEAT=*TRUE | b |
The table below is arranged according to the names of the S variables. Column T (type) indicates the data type of the contents: S (string), I (integer), B (boolean).
Output information | Name of the S variable | T | Contents | Condition |
Audit attribute of the event in the | var(*LIST).EVENT-AUDIT(*LIST). | S | *OFF | 5 |
Abbreviated name of the event | var(*LIST).EVENT-AUDIT(*LIST). | S | <name 3..3> | 5 |
Event has been selected for | var(*LIST).EVENT-AUDIT(*LIST). | B | FALSE | 5 |
Buffer size of the SATLOG file | var(*LIST).LOG-F.BUF-LEN | I | <integer 1..16> | 1,3 |
Name of the SATLOG file | var(*LIST).LOG-F.NAME | S | <filename> | 1,3 |
SATLOG file is open | var(*LIST).LOG-F.OPEN | B | FALSE | 1,3 |
Time period (in days) after which | var(*LIST).LOG-F.PERIOD-DAYS | I | <integer 0..10> | b |
Time period (in hours) after which | var(*LIST).LOG-F.PERIOD-HOURS | I | <integer 0..23> | b |
Primary storage space allocation | var(*LIST).LOG-F.PRIMARY-ALLOC | I | <integer> | 1,3 |
The logging file is changed | var(*LIST).LOG-F.REPEAT | B | FALSE | 1,3 |
Secondary storage space | var(*LIST).LOG-F.SECONDARY-ALLOC | I | <integer 0..32767> | 1,3 |
Type of disk storage on which the | var(*LIST).LOG-F.SUP-TYPE | S | *PUBLIC | 1,3 |
Desire to move SATLOG file to another pubset | Var(*LIST).LOG-F.WAITING-FOR-PUBSET | S | *STD | 1,3 |
Current SAT status | var(*LIST).LOG-STA | S | *HOLD | 1,2 |
Exit routine 110 can be invoked | var(*LIST).PRESEL-RULE.EXIT | S | *NO | 1,4 |
Logging quantity | var(*LIST).PRESEL-RULE.QUANTITY | S | *STD | 1,4 |
Type of logic rule for logging the | var(*LIST).PRESEL-RULE.RULE | S | *FILES-BY-EVENTS | 1,4 |
Default value for the audit setting | var(*LIST).PRESEL-RULE.USER-AUDIT-DEF | S | *OFF | 1,4 |
Audit attribute of the subject which | var(*LIST).USER-AUDIT(*LIST). | S | *OFF | 6 |
Indication of whether the user ID is | var(*LIST).USER-AUDIT(*LIST). | B | FALSE | 6 |
User ID for which auditing is | var(*LIST).USER-AUDIT(*LIST). | S | <name 1..8> | 6 |