Ensure that you authorize the CICS® region userid to write to (and create if necessary) the log streams that are used for its system log and general logs. You do this by granting the appropriate access authorization to log stream profiles in the LOGSTRM general resource class.
RDEFINE LOGSTRM region_userid.** UACC(NONE)
If, however, you have multiple CICS systems sharing the same region
userid, but with differing security requirements, include the applid in the
generic profile, as follows:
RDEFINE LOGSTRM region_userid.applid.* UACC(NONE)
PERMIT IXLSTR.structurename CLASS(FACILITY) ACCESS(UPDATE)
ID(region_userid)
PERMIT region_userid.applid.* CLASS(LOGSTRM) ACCESS(ALTER)
ID(region_userid)
PERMIT region_userid.applid.* CLASS(LOGSTRM) ACCESS(READ)
ID(authorized_browsers)
PERMIT region_userid.applid.* CLASS(LOGSTRM) ACCESS(UPDATE)
ID(archive_userid)
In these examples, region_userid is the CICS region userid under which CICS is running, either as a started task or batch job. The identifier archive_userid is the userid under which an application program runs to purge old data from CICS logs when the data is no longer needed. The identifier authorized_browsers refers to the userids of users allowed to read log streams, but not purge data.
If several CICS regions share the same CICS region userid, you can make profiles more generic by specifying * for the applid qualifier.
The number of profiles you define depends on the naming conventions of the logs, and to what extent you can use generic profiling.