zSecure CARLa

zSecure CARLa Courses:

IBM zSecure CARLa Audit and Reporting Language Introduction Part 2

This is Part 2 of the Introduction to the IBM zSecure Auditing and Reporting Language. This part of the course covers:

  • Showing separate segment information of a profile in a single line
  • Combining user or group information with resource information
  • Comparing more than four user IDs

IBM zSecure CARLa Audit and Reporting Language Introduction Part 3

In part 3 of this zSecure CARLa audit and reporting language course, you will learn to:

  • Generate RACF commands
  • Run mass user cloning
  • Generate USS commands
  • Find profiles with a high UAC
  • Find permits the same as UACC

IBM zSecure CARLa Audit and Reporting Language Introduction Part 5

Overview: The commands described in this section help you do the following:

  • show the use of the OPERATIONS attribute by user IDs that are assigned the OPERATIONS attribute
  • prevent OPERATIONS users from accessing system sensitive data sets
  • produce a report from SMF records that shows attempts to access resources as UNIX Superuser
  • produce daily reports that show the RACF command that ran on your systems

IBM zSecure CARLa Audit and Reporting Language Introduction Part 4

This module of the zSecure CARLa audit and reporting language introduction covers the following topics:

  • Convert automatically UACC access to a PERMIT to ID(*)
  • Provide a report for users that have non-compliant connect authorizations
  • Provide a report showing effective resource access after RACLIST processing
  • Generate a report showing users with direct and indirect RACF system-wide privileges

How to Manipulate IBM zSecure Reports Using CARLa

This video demonstration shows you how to use three field manipulation techniques. The techniques we will demonstrate are Substring, Word and Parse. The abbreviation CARLa stands for “CARLa Auditing and Reporting Language”. It is the main reporting engine used within zSecure Admin, zSecure Audit, zSecure Alert, and zSecure Manager for RACF z/VM. 

How to use CARLa to generate a Write To Operator (WTO) message

In this 21 minute zSecure video, you learn how to code a CARLa batch job that monitors the active setting of your most important RACF general resource classes and generates a Write To Operator (WTO) message when a resource class is not active. This video starts with a brief introduction of the CARLa programming language and a WTO message. The last part of this video is a software simulation that shows how to create and submit a CARLa batch job that generates a WTO message in the z/OS system log.

zSecure CARLa Audit and Reporting Language Introduction Part 7

Objectives

This section of this course, shows you how to generate a report that:

  • shows all data set profiles that start with a user ID and allow access through UACC or ID(*)
  • compares profiles from two RACF information sources
  • compares RACF databases by showing added or deleted user profiles only
  • compares CKFREEZE and RACF information sources
Time: 45 minutes

How to manipulate zSecure reports using CARLa

This video demonstrates how to use field manipulation techniques such as Substring, Word, and Parse using CARLa.

IBM zSecure CARLa Audit and Reporting Language Introduction

This self-paced course provides an introduction to the IBM zSecure CARLa audit and reporting language. In this first module, you will learn the following:

  • Background on zSecure CARLa
  • Supported zSecure CARLa input data sources and fields
  • Output customization and modifiers

zSecure CARLa Audit and Reporting Language Introduction Part 6

This part of the zSecure CARLa Audit and Reporting Language Introduction course will allow you to:

  • Produce a multi-level summary report of all user IDs per default group that has two or more user IDs assigned to their name
  • Use statistical functions to enhance reports with extra statistical information or generated summary overviews
  • Produce a report using statistics about the number of user IDs that have UPDATE access to one or more APF-authorized libraries
  • Generate a report that shows all resources that have permissions directly to a user ID