Logging for QUERY SECURITY

You can control logging on the QUERY SECURITY command by specifying one of the following options:

The default is LOG.

If logging is in effect, and the terminal user does not have the requested access to the specified resource, message DFHXS1111 is issued to the CICS® security transient data destination CSCS. Where relevant, RACF® message ICH408I is also issued. SMF records may also be recorded, depending on the auditing and logging options that have been specified for that resource. For more information, see the z/OS Security Server RACF Auditor's Guide.

For programming information about CVDAs, refer to CICS System Programming Reference.