J ou·rna ling LOGO N, AUTO LOG, and LI N
K
CommandsLOGON, AUTOLOG, and LINK Journaling attempts to detect and record
certain occurrences of theLOGON, AUTOLOG, or LINK commands. using the
recorded information, an installation may be able to identify attempts
to logon toVM/370 by users that issue invalid passwords. Also, the
installation may be able to identify users that successfully issue the
LINK command to protected minidisks not ownedby that user.
Briefly,LOGON, AUTOLOG, and LINK journaling works like this. While
journaling is turned on,CP monitors all occurrences of the LOGON, AUTOLOG, and LINK commands. CP keeps count of the number of times a
user issues one of these commands with an invalid password.When this
count exceeds an installationdefined threshold value, CP optionally: I • Writes a record to the accounting data set to record the incident I • Rejects subsequent LOGON, AUTOLOG, or LINK commands issued by the I user I • Sends a message to an installation-defined user identification to I alert the installation to the incident
Also, each timeCP detects,that a user has successfully issued a LINK
command to a protected minidisk not owned by that user,CP optionally
records the incident by writing a record to the accounting data set. A
protected minidisk is a minidisk whose password is anything but ALL for
the type of LINK attempted.
For a description of the accounting records thatCP writes for LOGON, AUTOLOG, and LINK journaling, see the section "Accounting Records."
TheSYSJRL macro instruction, the SET and the QUERY command
enable an installation to controlLOGON, AUTOLOG, and LINK journaling.
To make journaling available and to specify options, code theSYSJRL macro instruction in module DMKSYS. Instructions for coding this macro
instruction are in thegng To
turn journaling on or off,lise the class A SET command. To determine
whether journaling is on or off, use the class AQUERY command. Part 2. Control Program (CP) 229
K
Commands
certain occurrences of the
recorded information, an installation may be able to identify attempts
to logon to
installation may be able to identify users that successfully issue the
LINK command to protected minidisks not owned
Briefly,
journaling is turned on,
user issues one of these commands with an invalid password.
count exceeds an installation
Also, each time
command to a protected minidisk not owned by that user,
records the incident by writing a record to the accounting data set. A
protected minidisk is a minidisk whose password is anything but ALL for
the type of LINK attempted.
For a description of the accounting records that
The
enable an installation to control
To make journaling available and to specify options, code the
instruction are in the
turn journaling on or off,
whether journaling is on or off, use the class A