Auditing considerations on z/OS
The normal RACF auditing controls are available for conducting a security audit of a queue manager. IBM MQ does not gather any security statistics of its own. The only statistics are those that can be created by auditing.
RACF auditing can be based upon:
- User IDs
- Resource classes
- Profiles
For more details, see the z/OS Security Server RACF Auditor's Guide.
Note: Auditing degrades performance; the more auditing you implement, the more performance is degraded. This is also a consideration for the use of the RACF WARNING option.
- Auditing RESLEVEL
Use the RESAUDIT system parameter to control the production of RESLEVEL audit records. RACF GENERAL audit records are produced.Parent topic: Set up security on z/OS