You may want to create an audit trail for the BTS processes and activities
that run in your CICS® systems. Doing so allows you to:
- Track the progress of complex business transactions
- Diagnose problems in programs that are being developed to form a new business
application.
The CICS code contains BTS audit points in much the same way as it contains
trace points. However, there are three main differences between audit records
and trace entries:
- Trace entries are written to an internal trace table within the CICS address
space. In contrast, the audit trail of a process is written to a CICS journal,
which resides on an MVS™ logstream.
- Trace entries record the progress of tasks over a relatively short period
of time, typically seconds, minutes, or hours. In contrast, the audit trail
of a process can extend to days, weeks, or even months.
- Trace entries relate to activity in a single CICS region. In contrast,
in a sysplex the execution of different parts of a process may take place
on different regions within the sysplex. Therefore, each audit record contains
system, date, and time information. Typically, an audit record for a BTS
activity also contains:
- The identifier of the activity
- The process to which the activity belongs
- Information about the event which caused the activity to be invoked, canceled,
suspended, or resumed; or that fired when it completed.
Because logstreams can be shared by more than one region, it is possible
to write audit records from different regions to the same log.
There are four, incremental, auditing levels:
- None
- Process-level
- Activity-level
- Full.
How to specify the levels, and what they mean, is described in Specifying the level of audit logging.
Audit log records are written to an MVS logstream by the CICS Log Manager.
You can read the records off-line using the CICS audit trail utility program,
DFHATUP. DFHATUP allows you to:
- Filter records for specific process-types, processes, and activities
- Interpret records into a readable format.
You can use the CICS journal utility program, DFHJUP, to copy the audit
logstream to a backup file and to delete the logstream. By editing the JCL
used to run DFHATUP, you can make DFHATUP accept the backup file as input.
Audit records are buffered; they are written to the logstream only when
the buffer is full or a syncpoint occurs. This means that, when multiple CICS
regions share the same logstream, audit records may not be in
exact date and time order.
[[ Contents Previous Page | Next Page Index ]]