The function of the trace subsystem is to produce from the SMF records a detailed, time-sequenced log of activity by (or on) a selected entity.

The Security- Trace Subsystem will accept parameters specifying the type of entity and the time scope of the trace. The trace report will be fixed for a given type of entity.

Parameters to the trace should include:

Type of entity (job-id, user-id, data set, device-id, etc.);

Time parameters: start date (if omitted - today) [end date] (if omitted - today) start time (if omitted - 00:00:00) [end time] (if omitted - 23:59:59)

As long as the times specified are increasing (and not overlapping) , it. should be feasible to trace multiple time ranges in a single pass of the "raw" SMF data.

Some time parameters might look like: 3/18/80 3/18/80 1600 3/18/80 - 3/20/80 1600

3/18/80 1600 - 1830, 3/20/80 14:30 ...

The trace records will have a standard part, then specific information that is appropriate to the record. A sample trace might look like:

Trace For User Jones.J ≪ Date (Or Date Range) >

Summary Task. Schedule For Security Trace Subsystem.