You control the amount of audit logging that CICS® performs for each process, using the
AUDITLOG and AUDITLEVEL attributes of the PROCESSTYPE definition. For detailed
information about defining process-types, see CEDA DEFINE PROCESSTYPE. However,
note the following:
- When a process is first defined, BTS obtains the process’s audit
level and audit log information from the installed PROCESSTYPE definition,
and copies it into the process record. During the lifetime of the process,
this copy of the audit information is used to determine auditing. If the auditing
information is changed (by, for example, a CEMT SET PROCESSTYPE command),
this has no effect on existing processes.
- If an installed PROCESSTYPE definition does not specify a CICS journal
name in its AUDITLOG field, CICS does not do any audit logging for processes
and activities of that type until the definition is replaced with one that
does contain the name of an audit log.
- The AUDITLOG field should not specify the SMF data set.
- Several process-types can share the same audit log.
- In a sysplex, different parts of a process may run on different CICS regions.
If you want to write audit records for all the parts, you must ensure that
all the regions have the same audit log information in their installed PROCESSTYPE
definitions. However, see Audit trail constraints--using DASD-only logstreams.
The AUDITLEVEL option of the PROCESSTYPE definition allows you
to specify one of four logging levels for processes of the defined type:
- ACTIVITY
- Specifies activity-level auditing. Audit records will be written from:
- The process audit points
- The activity primary audit points.
That is, an audit record will be written:
- Whenever a process of this type:
- Is defined
- Is requested to run
- Is requested to link
- Is acquired
- Completes
- Is reset
- Is canceled
- Is suspended
- Is resumed
- Each time data is placed in a process container belonging to a process
of this type--that is, each time a PUT CONTAINER PROCESS or PUT CONTAINER
ACQPROCESS command is issued against a process of this type
- Each time a process container belonging to a process of this type is deleted
- Each time a root activity (DFHROOT) of this type of process is activated.
- Every time a non-root activity belonging to a process of this type:
- Is requested to link
- Is activated
- Completes.
- FULL
- Specifies full auditing. Audit records will be written from:
- The process audit points
- The activity primary and secondary audit points.
That is, an audit record will be written:
- Whenever a process of this type:
- Is defined
- Is requested to run
- Is requested to link
- Is acquired
- Completes
- Is reset
- Is canceled
- Is suspended
- Is resumed
Each time data is placed in a process container belonging to a process
of this type
Each time a process container belonging to a process of
this type is deleted
Each time a root activity (DFHROOT) of this type
of process is activated
- Every time a non-root activity belonging to a process of this type:
- Is defined
- Is requested to run
- Is requested to link
- Is activated
- Completes
- Is acquired
- Is reset
- Is canceled
- Is suspended
- Is resumed
- Is deleted.
- OFF
- Specifies that no audit trail records will be written. This is the default
value.
- PROCESS
- Specifies process-level auditing. Audit records will be written from
the process audit points only. That is, an audit record will be written whenever
a process of this type:
- Is defined
- Is requested to run
- Is requested to link
- Is acquired
- Completes
- Is reset
- Is canceled
- Is suspended
- Is resumed
Each time data is placed in a process container belonging
to a process of this type
Each time a process container belonging to
a process of this type is deleted
Each time a root activity (DFHROOT)
of this type of process is activated
Note:
If you specify any value for AUDITLEVEL other than OFF,
you must also specify the AUDITLOG option of the PROCESSTYPE definition.
You must choose a level of auditing that suits your needs. The
more records that are written to the audit log, the longer your business transaction
will take to run. The fewer records written, the less information there will
be for auditing or diagnostic purposes.
To reset the AUDITLEVEL attribute
of an installed PROCESSTYPE definition, use the CEMT SET PROCESSTYPE command.
Changes are preserved across a restart of CICS. Note that changes to an installed
PROCESSTYPE definition have no effect on existing processes.
If a request to write an audit record fails:
- CICS issues an error message.
- Auditing for processes of this process-type is suspended until the audit
error is corrected and a CEMT SET JOURNALNAME(journal)
ACTION(RESET) command is issued. If this is done successfully, auditing is
resumed and a CICS message is issued to this effect. Some audit records will
have been lost.
[[ Contents Previous Page | Next Page Index ]]