 |
|
|
Home / Media / Power Features / Advisor - Create Powerful Reports Advisor - Create Powerful Reports  
Improve Performance 92% Learn how the Power Reporting feature can improve productivity, reduce costs and increase security Overview Today, security staffs are faced with the challenge of finding significant security events that lie hidden in the huge volume of SMF data generated each day. An effective way to meet this challenge is to first look at a summary report, then drill down to the detail records. This allows the security staff to focus on just those events that bear further investigation and avoid wasting precious time looking through volumes of insignificant data. Often, an ad hoc report must be created to investigate a situation. Vanguard Advisor is an easy-to-use solution to the challenge of reporting on the multitude of security events that occur on a z/OS or OS/390 system. Its powerful reporting capabilities allow the security staff to produce both standard and customized reports. Its powerful masking capabilities enable precise selection of specific security types of events. By using the Vanguard Advisor, the security and audit staff can fulfill their responsibility to monitor the security activities on the system. Instead of spending time digging through huge volumes of SMF data, they can focus attention on important events. The result is a greatly improved security monitoring function. For more information, please see the following pages of this document which show how, in less than one minute, to produce a summary report and then drill down to the detail level for specific security events. The Bottom Line Step-by-Step Demonstration From the Vanguard Administrator Main Menu, select option 10 Vanguard Advisor. 
From the Advisor Main Menu, select Option 1 Standard Reports. Press Enter. 
From the Standard Reports menu, select Option 1 Resource Access Summary. Press Enter. 
From the Resource Access Summary Menu, select Option 1 Data Set Access by Userid. Press Enter. The following menu is the Masking menu. All reports have a menu similar to this one. There are 3 components of the menu that we will describe, Exception Criteria, Standard Masking, and Enhanced Masking. 
The Exception Criteria part of the menu lets you select, in this case, only users that have more than 3 Violations. 
The Standard Masking part of the Menu allows you to enter simple masking criteria, in this case only Userids that start with JIM and access datasets that start with SYS1. 
By entering a Y in the enhanced masking field, the Enhanced Masking Menu is displayed. 
The Enhanced Masking Menu allows you to enter more complex masking criteria to narrow the output to exactly the data you require. 
The report has now been narrowed to just Userids that start with JIM or ART, and datasets that start with SYS1 or VAN. We can now drill down and look at the detail records for these events. 
By entering an S next to one of the summary lines, we can get the detail records for this user, ARTM. In this case, we will see the 50 records for ARTM. 
This is the first level of detail for ARTMs access to SYS1 datasets. If we enter an S next to one of the events, we will see the complete detail for this event. 
This is the complete detail for this security related event.
|
 |
|
||||||||||||||||||||||||||||||||||||||||||||
|
Contact Us
|
Terms of Use
©2008 Vanguard Integrity Professionals - Nevada. All Rights Reserved. |
Need Assistance or Have Question?
Call Us Today: 702.794.0014 Fax: 702.794.0023 |
Let's Connect
Product Plugin Info |
|