Top Secret

  • 1.  TSS LOG(ALL)

    Posted Apr 25, 2018 10:01 AM

    We have a request to turn on TSS LOG(ACCESS), LOG(ACTIVITY), or LOG(ALL).  Anyone else running wiht one or more of these LOG options? 

    Seems like a performance hit to run permanently, but are we missing needed violation records for auditing purposes?   



  • 2.  Re: TSS LOG(ALL)

    Posted Apr 25, 2018 10:42 AM

    LOG(INIT,SMF,SEC9,MSG)   is what the DoD z/OS STIG recommends, that does record all security violations.

     

    Hope this helps.

     

    The DoD z/OS STIG for CA-TSS can be downloaded at the following link:  https://iasecontent.disa.mil/stigs/zip/U_zOS_TSS_V6R36_STIG.zip

     

    Once you download, unzip.   Look for folder:  U_zOS_TSS_V6R36_Manual_STIG, go into the folder and double click on file:  U_zOS_TSS_V6R36_STIG_Manual-xccdf  that should open the STIG for CA-TSS in your browser.  Lots of good security standards are found within as well as all the other documents provided within the z/OS STIG for TSS.

     

    The specific Control for LOG setting is:

    Rule Version (STIG-ID):  TSS0440
    Rule Title: The LOG Control Option is not set to (SMF,INIT, SEC9, MSG).

     

    Semper Fi

    Steve



  • 3.  Re: TSS LOG(ALL)

    Posted Apr 30, 2018 03:10 PM

    Thank you Steve.  That is just want I needed!

     

    Fred