Skip to main content

The AUDIT log

When an AUDIT DD statement is present in the Mainframe Connector startup procedure, additional information related to password change requests is generated. The audit log is useful for monitoring the results of all password change requests sent to a Bravura Pass server.

The AUDIT DD can specify either a target dataset or a JES SYSOUT dataset. The attributes of an AUDIT dataset must be sequential with a record length of 133 characters.

When this dataset is filled, the following message is displayed on the operator console and the Mainframe Connector AUDIT feature is disabled.

PSYNC551I -- AUDIT DATASET IS FULL.  LOGGING HAS BEEN DISABLED.

Allocating a larger dataset for a subsequent startup of Mainframe Connector is one method of capturing data for a longer period. Another method is to regularly copy the log to a backup and clear the log thus keeping a history of log data over time.

You can disable the AUDIT feature by removing the DD statement entirely or by specifying a DD DUMMY statement in the startup procedure.

The example below shows a sample of the type of data written to the audit log.

  2000 050 13:21:42.19 MTCJDL1 UPDATEOK

  2000 050 13:40:29.10 MTCRDR1 TIMEOUT

  2000 050 14:22:10.45 MTCSKG1 UPDATEFAIL

  2000 050 15:45:20.32 MTCJDL1 CONNECTFAIL

  2000 050 17:12:36.56 MTCRDR2 UNKNOWN

The fields in the Mainframe Connector audit log are described below:

  • Date

    The julian date of the password change request.

  • Time

    The time of the password change request.

  • Userid

    The userid of the user for which the password change request is being made.

  • Result

    The condition which resulted from a password change request. Possible values and their descriptions follow:

    • UPDATEOK indicates that the request went to and returned from the Bravura Pass server and that the password was deemed acceptable. The local password will be reset.

    • UPDATEFAIL indicates that the request went to and returned from the Bravura Pass server and that the password was deemed unacceptable. The local password will NOT be reset.

    • TIMEOUT indicates that the request reached the configurable timeout value before a response was received from the Bravura Pass server. The local password reset event continues.

    • TIMEOUT1 indicates that the request timed out waiting for the Mainframe Connector subsystem to respond to the subsystem interface request. The local password reset event continues.

    • TIMEOUT2 indicates that the request reached the configurable timeout value while waiting in the subsystem interface request module for a response from the Bravura Pass server. The local password reset event continues.

    • CONNECTFAIL indicates that a network connection error condition occurred during the request. The local password reset event continues.

    • UNKNOWN indicates an unknown error condition. The local password reset event continues.

    • BYPASS indicates that the LISTCHECK parameter value is set to either INOUT or OUTBOUNDONLY and the userid for which the current password change request is being made has been rejected by the current INLIST or EXLIST list. The local password reset event continues.

In this section: