STIGhubSTIGhub
STIGsRMF ControlsCompare

STIGhub

A free tool to search and browse the entire DISA STIG library. Saves up to 75% in security compliance research time.

Navigation

  • Browse STIGs
  • Search
  • RMF Controls
  • Compare Versions

Resources

  • About
  • Release Notes
  • VPAT
  • DISA STIG Library
STIGs updated 4 hours ago
Powered by Pylon
© 2026 Beacon Cloud Solutions, Inc. All rights reserved.
← Back to z/OS CL/SuperSession for ACF2 Security Technical Implementation Guide

V-224283

CAT II (Medium)

CL/SuperSession must be properly configured to generate SMF records for audit trail and accounting reports.

Rule ID

SV-224283r1141410_rule

STIG

z/OS CL/SuperSession for ACF2 Security Technical Implementation Guide

Version

V7R2

CCIs

CCI-000172CCI-000381CCI-003938

Discussion

Product configuration/parameters control the security and operational characteristics of products. If these parameter values are improperly specified, security and operational controls may be weakened. This exposure may threaten the availability of the product applications and compromise the confidentiality of customer data.

Check Content

Version 3 of CL/SuperSession
Review the member KLKINNAF in the TLVPARM DD statement concatenation of the CL/SuperSession STC procedure to determine SMF number. (This member is located in SYS3.OMEGAMON.qualifier.RLSPARM.)

Version 2 of CL/SuperSession
Review the member KLVINNAF in the TLVPARM DD statement concatenation of the CL/SuperSession STC procedure to determine SMF number. (This member is located in SYS3.OMEGAMON.qualifier.RLSPARM.)

Refer to the following report produced by the z/OS Data Collection:

- EXAM.RPT(SMFOPTS).

Refer to the following report produced by the z/OS Data Collection:

- PDI(ZCLS0041).

If the following guidance is true, this is not a finding.

If the SMF= field specifies an SMF record number, review the SMFOPTS report to verify SMF is writing that record type.

If SMF is writing the record number specified by SMF=, this is not a finding.

Fix Text

Ensure the Session Manager generates SMF records for audit trail and accounting reports.

To provide an audit trail of user activity in CL/SuperSession, configure the Network Accounting Facility (NAF) to require SMF recording of accounting and audit data. Accounting to the journal dataset is optional at the discretion of the site. Ensure that the NAF parameter options for member KLKINNAF for Version 3 of CL/SuperSession or KLVINNAF for Version 2 of CL/SuperSession RLSPARM initialization parameter library are coded to the below specifications.

DSNAME= dsname - Name of the NAF journal dataset. Required only if the site is collecting accounting and audit data in the journal dataset in addition to the SMF data.

MOD - If the journal dataset is used, this parameter should be set to ensure that logging data in the dataset is not overwritten.

SMF=nnn - SMF record number. This field is mandatory to ensure that CL/SuperSession data is always written to the SMF files.