Back to Top

Security

Which data does GiAPA access ?

GiAPA only retrieves performance and object information using externally documented IBM commands and APIs. GiAPA never reads the contents of any user files or other objects, and will obviously never change anything on a machine - GiAPA only writes to GiAPA's internal data bases.


New operating system versions

Since only standard IBM routines are used for collecting information, GiAPA has never had any problems with running under new versions of the operating system, as long as the at any given time actual version of GiAPA is installed. Users with an active GiAPA maintenance agreement are entitled to download the current GiAPA version from www.giapa.com.


Authority Needed to Collect Performance Data

The standard authorization assigned by IBM to some of the APIs accessed is limiting their use rather strictly, for which reason *JOBCTL and *ALLOBJ, *SERVICE or even authority on QSECOFR level may be needed for the user running GiAPA data collection,

or

GiAPA must be installed allowing use of adopted QSECOFR security for the data collection programs (defined in *SYSVAL QALWOBJRST)

(Example: The API QPMLPFRD "List Performance Data" is shipped with *PUBLIC authority *EXCLUDE, although it only passes performance data to the caller).

GiAPA Menu option 89 can verify if a user has authority to run GiAPA data collection.