Understanding how Z Data Tools uses SAF rules to control auditing

SAF (System Authorization Facility) allows applications, such as Z Data Tools, to define "resources" that might need to be protected. The "resource" to be protected need not be something specific, such as a data set; it can be essentially any type of resource or facility that the application considers to be important. For Z Data Tools and auditing, the "resource" is the ability to write audit log records. The resource names reflect either the type of auditing that is to occur (eg to SMF), or the Z Data Tools function and data set.

Z Data Tools uses two types of SAF resource names to control auditing. The SAF resource rules used by Z Data Tools to control auditing are shown in Table 1 and Table 2).