Objective: build a “watchdog” CARLa program that verifies that no started tasks are defined on your system with the PRIVILEGED attribute assigned.

This example shows a CARLa program that generates an SNMP message that is sent to a UNIX system log. Optionally, a Network Monitor tool can be used to be triggered by your UNIX system log message to automatically take the appropriate action.

Notes regarding the CARLa code. In this example, the PRIVILEGED attribute is checked for started task user IDs. The input to this program is the current active RACF database:

• The SYSLOG keyword on the NEWLIST statement requests a syslog trap to be sent of each selected record in the NEWLIST. Syslog traps are requested with a line length of 2048 and UTF-8 encoding. If no SYSLOGTO keyword is specified, the output is automatically redirected to DD=C2RSYSLG
  
• The SYSLOGTO keyword determines the output destination for syslog traps. The destination can be a name from a Domain Name Server (DNS) or IP address lookup. The default port is 514.
  
• The SYSLOGTOFILE is used to send syslog output to a file for testing. When you specify this keyword, the LRECL and RECFM settings for the C2RSYSLG file are used. If you specify SYSLOGTOFILE on a NEWLIST statement, the redirection applies only to that NEWLIST.
  
• C2RSYSLG is the designated DDname that receives the redirected output from the UNIX syslog when OPTION SYSLOGTOFILE is specified. To support the line length for writing syslog traps, specify the following values for the record format and line length: RECFM=VB,LRECL=2048.
  

This CARLa batch job verifies whether there are any started tasks defined in RACF that can run PRIVILEGED. If that is the case, message CKR703S is generated as a UNIX system log message and sent to a UNIX machine.

This screen capture shows how this CKR703S message appears in DDname C2RSYSLG in SDSF when this situation occurs:

Because the use of the SYSLOG keyword formats the message in UTF-8 encoding this output might look like garbage to you. However, this message is shown in UTF-8 encoding. Once this message reaches the intended UNIX system log, it is readable as text. On modern systems, you can use the SDSF line command SB, and use the ISPF command DISPLAY UTF8 to view the file in readable format.

 

 

Continue with Including system settings in your reports

 

© Copyright IBM Corp. 2012, 2020

IBM, the IBM logo and ibm.com are trademarks of International Business Machines Corp., registered in many jurisdictions worldwide. Other product and service names might be trademarks of IBM or other companies. A current list of IBM trademarks is available on the Web at "Copyright and trademark information" at www.ibm.com/legal/copytrade.shtml.