Dovetailed Technologies Solutions Support Contact Us

Appendix D. SMF Information

D.1 IBM FTP-compatible SMF 119 record subtypes

Co:Z SFTP supports recording SMF type 119 records that are compatible with the following IBM FTP records:

  • Subtype 3 - FTP client transfer completion

  • Subtype 70 - FTP server transfer completion

For more information on type 119 records, see: z/OS Communications Server: IP Programmer's Guide and Reference.

D.2 New SMF 119 record subtypes

In addition to standard FTP completion records above, Co:Z SFTP 2.0.0 and later will also create the following SMF 119 record subtypes:

  • Subtype 192 - Co:Z SFTP server log messages

  • Subtype 193 - Co:Z SFTP client log messages

These new records follow the structure of other SMF type 119 records. Six triplets are allocated, although only the first three triplets are currently used.

  • The first section is a copy of the TCP/IP identification section, as it appeared in the related client transfer completion (subtype 3) or server transfer completion (subtype 70) record.

  • The second section describes the socket connection.

    016BinaryRemote IP address
    1616BinaryLocal IP address
    322BinaryRemote port number
    342BinaryLocal port number
    3615EBCDICFTP session ID

  • The third section contains Co:Z SFTP messages, informational level or above, that were associated with the previous transfer. This section contains one or more message sub-sections, each with the following layout:

    04BinaryTime (in local time)
    44PackedDate (in local time)
    82BinaryLength of message that follows
    10variableEBCDICMessage text

D.3 Enabling SMF recording

In order to enable recording of Co:Z SFTP SMF 119 records, you must:

  1. configure SMF to allow recording these records and subtypes. See z/OS MVS System Management Facilities (SMF) for more information.

  2. permit the users running Co:Z SFTP client or server jobs READ access to the BPX.SMF SAF/RACF class.

  3. the nosmf configuration option must not be set. See for more information.

  4. in order to get accurate local and remote host/port information for these records, the program COZ_HOME/bin/ssh-socket-info is called by Co:Z once the child ssh session is established.

    This program uses the IBM EZBNMIFR network management API, which requires the ssh-socket-info program to be APF authorized. The Co:Z installer will attempt to set the "+a" extattr bit on this program, but will only succeed if the installing userid has READ access to the BPX.FILEATTR.APF SAF resource. If for some reason, this program is not APF authorized, Co:Z SFTP will operate properly, but the SMF socket information is not guaranteed to be accurate.

D.4 Using the real-time Co:Z SMF API

The Co:Z SFTP client and server will also write SMF 119 records to a Unix datagram socket if it is available. By default, the name of the socket is /var/log/cozsftp.smf.sock unless overridden by the SFTP_SMF_SOCK environment variable. This API is useful in managed file transfer environments that need real-time access to file transfer events. The API is independent of actual SMF recording - you may use either real SMF recording, the datagram socket API, or both.

To use this facility, you must write a program that creates this Unix-domain socket and receives datagram messages from it. Each message will be a SMF record image from a Co:Z SFTP client or server running on the same system. A sample C++ program, CoZSmfServer.C, demonstrates how to use this facility. See the documentation and build instructions in $COZ_HOME/samples/smfapi/CoZSmfServer.C.

Copyright© 2009-2013 Dovetailed Technologies, LLC. All rights reserved.
Co:Z® is a registered trademark of Dovetailed Technologies, LLC.