Merging Entries from the SUMLOG and SECURITYLOG

When a SUMLOG has a corresponding SECURITYLOG, certain LOGANALYZER options attempt to analyze entries from both the SUMLOG and SECURITYLOG.

The following LOGANALYZER options cause LOGANALYZER to attempt to open the corresponding SECURITYLOG:

  • TCPIP (SSL)

  • TCPIP (IPSEC)

  • TCPIP (SSH)

  • DIAG (TCPIP (SSL))

  • DIAG (TCPIP (IPSEC))

  • DIAG (TCPIP (SSH))

  • DIAG (TCPIP (SECURITY))

Requests that are supersets of these requests (for example, DIAG) also cause LOGANALYZER to attempt to open the corresponding SECURITYLOG.

SDASUPPORT determines the name of the SECURITYLOG file by replacing every “SUMLOG” node in the SUMLOG file title with a “SECURITYLOG” node. For example, if a SUMLOG is named *SYSTEM/SUMLOG, then SDASUPPORT tries to locate the file *SYSTEM/SECURITYLOG.

LOGANALYZER skips the analysis of SECURITYLOG entries if the corresponding SECURITYLOG is unavailable. Under these circumstances, the LOGANALYZER output includes the following message:

THE CORRESPONDING SECURITYLOG FILE COULD NOT BE FOUND
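The following added example (not part of the original documentation, and not SDASUPPORT's own code) applies the node substitution rule to a file listing so that SUMLOGs without a corresponding SECURITYLOG can be spotted before an analysis run. The function names, the constructed listing, and the simplified title syntax (optional "*" or "(USERCODE)" prefix, "/"-separated nodes, optional " ON family" suffix, no quoted nodes) are assumptions.

```python
import re

# Assumed, simplified title shape: [*|(USERCODE)]NODE/NODE/...[ ON FAMILY].
# Quoted nodes are not handled.
TITLE_RE = re.compile(
    r"^(?P<prefix>\*|\([A-Z0-9]+\))?(?P<nodes>[^ ]+?)(?P<family> ON [A-Z0-9]+)?$"
)

def securitylog_title(sumlog_title):
    """Swap every whole SUMLOG node for SECURITYLOG.

    Returns None when the title contains no SUMLOG node, so a node such as
    SUMLOGS (a substring match only) is left alone.
    """
    m = TITLE_RE.match(sumlog_title.strip().upper())
    if not m:
        raise ValueError("unrecognized file title: %r" % sumlog_title)
    nodes = m.group("nodes").split("/")
    if "SUMLOG" not in nodes:
        return None
    swapped = ["SECURITYLOG" if n == "SUMLOG" else n for n in nodes]
    return (m.group("prefix") or "") + "/".join(swapped) + (m.group("family") or "")

def missing_securitylogs(titles):
    """Map each SUMLOG title in the listing to the expected SECURITYLOG
    title that is absent from the same listing."""
    present = {t.strip().upper() for t in titles}
    missing = {}
    for title in sorted(present):
        expected = securitylog_title(title)
        if expected is not None and expected not in present:
            missing[title] = expected
    return missing

# Constructed listing for illustration only.
LISTING = [
    "*SYSTEM/SUMLOG",
    "*SYSTEM/SECURITYLOG",
    "(OPS)SUMLOG/A1 ON AUDIT",
    "*ARCHIVE/SUMLOGS/OLD",
]

if __name__ == "__main__":
    for sumlog, expected in missing_securitylogs(LISTING).items():
        print("%s: expected %s, not found" % (sumlog, expected))
```

A SUMLOG reported here is one for which an analysis of security entries would be skipped with the message shown above.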