Release Notes

Release notes of Adabas Auditing for z/OS.


New Features / Enhancements

Audit Server Audit Log (ALOG)

The Audit Log replaces the Command Log in the Audit Server. Refer to the following table for topics concerning the creation and operation of Audit Logs.

Topic Description
Create Audit Logs DDALOGRn datasets must be created and formatted. For more information, refer to ADAFRM ALOGFRM.
ADARUN parameters ADARUN parameters must be added to control Audit Log processing. For more information relating to the parameters DUALALD, DUALALS, NALOG, ALOGDEV and ALOGSIZE, refer to Pertinent ADARUN Parameters for Auditing.
Force End-of-file The operator command FEOFAL is used to force end-of-file on the current Audit Log. For more information, refer to FEOFAL Command.
Add/Delete Audit Logs Audit Logs can be added and deleted using the ADADBS utility. For more information, refer to ADADBS ADDALOG and ADADBS DELALOG respectively.
Copying Audit Logs Audit Logs are copied using the ADARES utility. For more information, refer to ADARES ALCOPY.

AUDCONNECT Operator Command and Utility

In the event of a disconnection between an Auditing Database and an Audit Server, the AUDCONNECT command may be used to re-establish a connection.

Clarification of Audit ID and Audit Name

When auditing is enabled for a file in an Auditing Database, an Audit Name must be assigned to the file and Adabas will then automatically assign an Audit ID.

In the previous version of Adabas Auditing, the Audit Name used by the utilities ADACMP, ADADBS and ADALOD was incorrectly labelled as AUDITID. This caused confusion between the user assigned Audit Name and the Adabas automatically assigned Audit ID. This has been corrected in Adabas Auditing version 2.2 SP1. The Audit Name used by utilities is now correctly referred to as AUDITNM.

For more information, refer to the following utility documentation:

DAUDPARM Command Enhancement

The ADADBS OPERCOM DAUDPARM utility issued to an Audit Server previously only reported the global parameters. With this new version all pertinent configuration is now reported.

For more information, refer to ADADBS OPERCOM DAUDPARM.

DAUDSTAT Command Enhancement

The operator command DAUDSTAT and the ADADBS OPERCOM DAUDSTAT have been enhanced to report the following information:

  • The number of items rejected due to errors

  • The number of admin items

  • The number of GFFT items

For more information, refer to ADADBS OPERCOM DAUDSTAT.

Auditing of Database Administration and DDL

This version of Adabas Auditing introduces two new classes of Audit events; Administration and Structural Database Changes (DDL):

  • An Administration event is one which inquires or alters the state of the database. For example, ADADBS OPERCOM DAUDPARM and ADADBS OPERCOM FEOFAL.

  • A Structural Database Change (DDL) event is one which alters the structure of the database such as adding a new field or deleting an existing field.

These new classes of Audit events are supported by corresponding new Subscriptions which are automatically defined when an Audit system file is created:

  • A Subscription named ADMIN with an ID of SUBSYS1 is created for Administration events.

  • A Subscription named DDL with an ID of SUBSYS2 is created for DDL events.

Additional configuration has also been added to enable the administration of these new events:

  • Adabas Auditing Configuration (SYSALA) new menu option T for Admin Subscription Definitions has been added.

  • New Auditing Database (ADAANP) File parameters have been added to enable the auditing of administration and DDL events at the file level. Specified in the ADAANP DD input, the new file parameters are FADMPARM and FADMINFO. For example:

ADAANP FILE       
ADAANP FLIST=1,100
ADAANP FACCDS=YES              Collect data storage (compressed record)
ADAANP FDELDS=YES              Collect data storage (compressed record)
...
ADAANP FADMPARM=YES            Collect admin and DDL event data
ADAANP FADMINFO=YES            Collect admin and DDL client info

Messages Written to DDAUDERR

The Audit Server now requires a DDAUDERR DD card.

For example:

//DDAUDERR DD SYSOUT=X

The majority of messages are written to the console however certain messages will now be written to DDAUDERR.

Messages written to DDAUDERR are formatted similarly to multi-line console messages with the message number and Database ID appearing only on the first line. Each line is prefixed with the Julian date and local time.

Audit Server System File Update

Changes to the structure and content of the Audit system file require that a new system file must be loaded into the Audit Server using the ALLSYSF dataset supplied with this version of Adabas Auditing.

For more information on loading an Audit system file, refer to ADALOD LOAD Parameters for the Adabas Audit Server.

Notes:

  • Reloading the Audit system file will require the recreation in SYSALA of any configuration you may have defined using the previous version of Adabas Auditing (for example subscriptions, destinations, filters, etc..).

  • After loading the new Audit system file, the predefined subscriptions SUBSYS1 and SUBSYS2 will require updating to avoid the following warning messages:

    ADAAJZ At least one destination is required for subscription SUBSYS1
    ADAAJZ At least one destination is required for subscription SUBSYS2