Activating security discovery

Security discovery records security access requests within CICS®, contained in what's called the security discovery data (SDD). This allows you to discover what security definitions would be required if the current CICS resource security were extended to include additional resource classes.

Before you begin

You must have configured the CICS region in which you want to activate security discovery for CICS security discovery. See Setting up CICS security discovery.

About this task

For more information about the whole process of capturing SDD and alternative ways of activating security discovery, see Capturing security discovery data (SDD).

Procedure

  1. In the CICS SM perspective, click Operations > Security Discovery Records from the menu.
    This opens the Security Discovery Records view.

    The view shows the status of security discovery for CICS regions, with each row representing a region.

  2. In the Security Discovery Records view, turn on security discovery for the whole region in either of the following ways:
    • Select one or more regions in which you want to activate security discovery. Right-click the selected row or rows, and click Set Discovery Status > Switch On Security Discovery.
      Figure 1. Right-clicking a region row
      Right-click menu in the Security Discovery Records view with the Set Discovery Status option in focus
    • Double-click the row of the region in which you want to activate security discovery. In the Attributes editor that opens, edit the Status value from OFF to ON.
  3. You can also specify the resource types for which you want to capture security requests, in either of the following ways.
    For more information about the resource types, see SET SECDISCOVERY in CICS documentation.
    • If you want to configure multiple regions in a batch, it's recommended that you use the Configure option.

      Select one or more regions for which you want to configure the security discovery settings. Right-click the selected row or rows, and then click Configure.

      Figure 2. Right-clicking multiple region rows
      Right-click menu in the Security Discovery Records view with the Configure option in focus

      In the Perform Operation dialog, you must select the checkbox to modify the settings for the responding resource type. For resource types that you want to capture security requests for, select Discover and click OK.

      Figure 3. Specifying resource types to be discovered
      Perform Operation dialog

      This applies the changes to all the regions shown in the right of the dialog.

    • Alternatively, double-click a region row to open the Attributes editor. For resource types that you want to capture security requests for, edit their values from NODISCOVER to DISCOVER.
      Figure 4. Attributes editor
      Attributes editor for the Security Discovery Records view

      This changes the security discovery settings for one region each time.

    The changes to the resource types will take effect only when the security discovery status is set to active.

Results

You have activated security discovery in the selected CICS region and specified the resource types to be discovered.