Configuring the audit interceptor for z/OS Connect EE servers

To enable z/OS Connect EE servers to collect Version 2 of IBM SMF 123 records, you need to configure the audit interceptor in the server.xml file.

  1. Add the following string to the file:

    <zosconnect_auditInterceptor id="auditInterceptor" apiProviderSmfVersion="2"/>

Related topics

Enabling-features-in-the-server-xml-file

Updating-the-feature-manager-section

Configuring-the-authorization-interceptor-for-z-OS-Connect-EE-servers

Configuring-the-OpsMJE-z-OS-Connect-Interceptor-for-z-OS-Connect-EE-servers

httpEndpoint-considerations

Example

The following example shows the basic audit interceptor configuration:

000078   <!–– Audit interceptor configuration–smf ––>
000079   <zosconnect_auditInterceptor id="auditInterceptor" sequence="1"/>
000080   <zosconnect_authorizationInterceptor id="authInterceptor" sequence="2"/>
000081   <zosconnect_auditInterceptor id="auditInterceptor" apiProviderSmfVersion="2"/>

  1. (Optional)  To enable z/OS Connect EE servers to collect information about request and response headers, take the following steps:

    1. Add request header information to the audit interceptor configuration:

      apiProviderRequestHeaders="<requestHeaderName1>, <requestHeaderName2>, <requestHeaderName3>, <requestHeaderName4>" 

      Important

      Consider the following information:

      • You can define a maximum of four request header names.
      • You can define standard request header names (such as,  accept  or  content-type ) or custom request header names. To define custom request header names, first map data to request header names in your API and deploy the API to the z/OS Connect EE server. 

      • For z/OS Connect EE to capture request header information, ensure that the specified request headers are contained in the HTTP request.

        Example:

        curl -X GET --header '<requestHeaderName1>: <requestHeaderValue1>' 'http://sjsd:9999/CatalogManager/items?startItemID=10' 

    2. Add response header information to the audit interceptor configuration: 

      apiProviderResponseHeaders="<responseHeaderName1>, <responseHeaderName2>, <responseHeaderName3>, <responseHeaderName4>

      Important

      Consider the following information:

      • You can define a maximum of four response header names.
      • z/OS Connect EE cannot capture standard response headers. You must map data to custom response header names in your API and deploy the API to the z/OS Connect EE server. Then you can define the response header names in the server.xml.
    Example

    The following example shows the audit interceptor configuration with request and response headers defined:

    000078   <!–– Audit interceptor configuration–smf ––>
    000079   <zosconnect_auditInterceptor id="auditInterceptor" sequence="1"/>
    000080   <zosconnect_authorizationInterceptor id="authInterceptor" sequence="2"/>
    000081   <zosconnect_auditInterceptor id="auditInterceptor" apiProviderSmfVersion="2"
    000082   apiProviderRequestHeaders="accept,content–type"
    000083   apiProviderResponseHeaders="retcode,respmsg"/>

 

Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*