FTP Sessions Attributes
Use the FTP Sessions attributes to create situations that monitor the sessions from either a remote client to a z/OS® FTP server or from a z/OS client to a remote FTP server.
Application Name The name of the FTP application. The format is an alphanumeric string no longer than 8 characters.
ASID The z/OS address space ID of the address space that opened the socket. This value is displayed as a 4-digit hexadecimal number.
Cipher Specification
The current cipher specification for this connection when the
security mechanism is TLS or AT-TLS. This value is used for the data encryption or decryption.
See the description of the TTLSCipherParms statement in the Policy Agent and Policy
Applications
chapter of the IBM®
z/OS Communications Server: IP Configuration Reference
v1.12 or later book for a list of possible cipher values. This value is stored as a long integer and
displayed as a string. Valid values for this integer are:
- blank = 0X00000000
- SSL_RC4_US = 0X0000F0F1
- SSL_RC4_EXPORT = 0X0000F0F2
- SSL_RC2_US = 0X0000F0F3
- SSL_RC2_EXPORT = 0X0000F0F4
- SSL_DES_US = 0X0000F0F6
- SSL_3DES_US = 0X0000F0F7
- SSL_NULL_MD5 = 0X0001F0F1
- SSL_NULL_SHA = 0X0001F0F2
- SSL_RC4_MD5_EX = 0X0001F0F3
- SSL_RC4_MD5 = 0X0001F0F4
- SSL_RC4_SHA = 0X0001F0F5
- SSL_RC2_MD5_EX = 0X0001F0F6
- SSL_DES_SHA = 0X0001F0F9
- SSL_3DES_SHA = 0X0001F0FA
- SSL_AES_128_SHA = 0X0001F2C6
- SSL_AES_256_SHA = 0X0001F3F5
- TLS_RC4_128_WITH_MD5 = 0X0002F0F1
- TLS_RC4_128_EXPORT40_WITH_MD5 = 0X0002F0F2
- TLS_RC2_CBC_128_CBC_WITH_MD5 = 0X0002F0F3
- TLS_RC2_CBC_128_CBC_EXPORT40_WITH_MD5 = 0X0002F0F4
- TLS_DES_64_CBC_WITH_MD5 = 0X0002F0F6
- TLS_DES_192_EDE3_CBC_WITH_MD5 = 0X0002F0F7
- TLS_NULL_WITH_NULL_NULL = 0X0003F0F0
- TLS_RSA_WITH_NULL_MD5 = 0X0003F0F1
- TLS_RSA_WITH_NULL_SHA = 0X0003F0F2
- TLS_RSA_EXPORT_WITH_RC4_40_MD5 = 0X0003F0F3
- TLS_RSA_WITH_RC4_128_MD5 = 0X0003F0F4
- TLS_RSA_WITH_RC4_128_SHA = 0X0003F0F5
- TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5 = 0X0003F0F6
- TLS_RSA_WITH_DES_CBC_SHA = 0X0003F0F9
- TLS_RSA_WITH_3DES_EDE_CBC_SHA = 0X0003F0C1
- TLS_DH_DSS_WITH_DES_CBC_SHA = 0X0003F0C3
- TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA = 0X0003F0C4
- TLS_DH_RSA_WITH_DES_CBC_SHA = 0X0003F0C6
- TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA = 0X0003F1F0
- TLS_DHE_DSS_WITH_DES_CBC_SHA = 0X0003F1F2
- TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA = 0X0003F1F3
- TLS_DHE_RSA_WITH_DES_CBC_SHA = 0X0003F1F5
- TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA = 0X0003F1F6
- TLS_RSA_WITH_AES_128_CBC_SHA = 0X0003F2C6
- TLS_DH_DSS_WITH_AES_128_CBC_SHA = 0X0003F3F0
- TLS_DH_RSA_WITH_AES_128_CBC_SHA = 0X0003F3F1
- TLS_DHE_DSS_WITH_AES_128_CBC_SHA = 0X0003F3F2
- TLS_DHE_RSA_WITH_AES_128_CBC_SHA = 0X0003F3F3
- TLS_RSA_WITH_AES_256_CBC_SHA = 0X0003F3F5
- TLS_DH_DSS_WITH_AES_256_CBC_SHA = 0X0003F3F6
- TLS_DH_RSA_WITH_AES_256_CBC_SHA = 0X0003F3F7
- TLS_DHE_DSS_WITH_AES_256_CBC_SHA = 0X0003F3F8
- TLS_DHE_RSA_WITH_AES_256_CBC_SHA = 0X0003F3F9
Client User ID The local user name (login name) of the client. This column applies to client transfers only. The format is an alphanumeric string no longer than 8 characters.
Collection Time The time and date of the data sampling. This time is displayed in the following format:
mm/dd/yy hh:mm:ss (Tivoli Enterprise Portal) or yy/mm/dd hh:mm:ss (3270)
Where:
- mm = Month
- dd = Day of the month
- yy = Year
- hh = Hour
- mm = Minute
- ss = Seconds
The stored format is a string no longer than 16 characters in the
format CYYMMDDHHMMSSmmm
(as in 1020315064501000 for
03/15/02 06:45:01) where:
- C = Century (0 for 20th, 1 for 21st)
- Y = Year
- M = Month
- D = Day
- H = Hour
- M = Minute
- S = Second
- m = Millisecond
FTP Session ID The unique identifier for this FTP session. The format is an alphanumeric string no longer than 16 characters.
FTP Type Identifies whether this FTP session is using the FTP client or the FTP server on the local system. This value is stored as an integer and displayed as a string. This field displays the string. Valid values are:
- Client = 0
- Server = 1
FTP Type Int Identifies whether this FTP session is using the FTP client or the FTP server on the local system. This value is stored as an integer. This field displays the integer. Valid values are:
- 0 = Client
- 1 = Server
Local IP Address The local IP address for this FTP control connection. The format is an alphanumeric string no longer than 45 characters.
Local Port The local port for the FTP control connection. The format is a four-byte integer.
Local Port (deprecated) The local port for the FTP control connection, as a two-byte integer.
Local Port String The local port for the FTP control connection as a string. The format is a string up to five characters in length.
Login Failure Reason Code The reason returned when a login fails. This value is stored and displayed as a number.
When the FTP Type value is Server, the following reason codes are possible:
- 01: Password not valid
- 02: Password has expired
- 03: User ID has been revoked
- 04: User does not have access to server
- 05: FTCHKPWD exit routine rejected login
- 06: Too many incorrect passwords specified
- 07: Group ID process failed
- 08: User ID is unknown
- 09: Certificate not valid
- 10: Client name does not match user name
When the FTP Type value is Client, the following reason codes are possible. These client values are documented in the z/OS Communications Server: IP User's Guide and Commands. Additional information about the failure might be available in that book.
- 01: Internal error
- 02: Server error
- 04: Invalid parameter
- 05: Input stream open failed
- 06: Already connected
- 07: Usage error
- 08: Connect failed
- 09: Connection timeout
- 10: Session error
- 11: Invalid ID or password or account
- 12: Input error
- 13: Input EOF
- 14: Not found
- 15: Invalid FTP environment
- 16: FTP not enabled
- 17: Security authentication or negotiation failure
- 18: File access
- 19: Cannot read file
- 20: Cannot write file
- 21: Conversion error
- 22: Proxy error
- 23: SQL error
- 24: Unspecified client error
Login Failure Reason Description The reason that the login failed. This value is stored as a number and displayed as a string.
When the FTP Type value is Server, the following reason codes are possible:
- Password not valid = 1
- Password expired = 2
- User ID has been revoked = 3
- User does not have access to server = 4
- FTCHKPWD exit routine rejected login = 5
- Too many incorrect passwords specified = 6
- Group ID process failed = 7
- User ID is unknown = 8
- Certificate not valid = 9
- Client name does not match user name = 10
When the FTP Type value is Client, the following reason codes are possible. The FTP client error codes, found in parentheses below, are documented in the z/OS Communications Server: IP User's Guide and Commands. Additional information about the failure might be available in that book.
- Internal error = 101 (01)
- Server error = 102 (02)
- Invalid parameter = 104 (04)
- Input stream open failed = 105 (05)
- Already connected = 106 (06)
- Usage error = 107 (07)
- Connect failed = 108 (08)
- Connection timeout = 109 (09)
- Session error = 110 (10)
- Invalid ID or password or account = 111 (11)
- Input error = 112 (12)
- Input EOF = 113 (13)
- Not found = 114 (14)
- Invalid FTP environment = 115 (15)
- FTP not enabled = 116 (16)
- Security authentication or negotiation failure = 117 (17)
- File access = 118 (18)
- Cannot read file = 119 (19)
- Cannot write file = 120 (20)
- Conversion error = 121 (21)
- Proxy error = 122 (22)
- SQL error = 123 (23)
- Unspecified client error = 124 (24)
Login Method The current login method for this connection. This value is stored as a single character and displayed as a string. The following are valid:
- C= Certificate
- P = Password
- T= Kerberos_Ticket
- U= Undefined
NMI FTP Enhancements IBM internal use only.
Origin Node The unique identifier for the TCP/IP stack being displayed. The format is an alphanumeric string no longer than 32 characters.
Remote IP Address The remote IP address for the FTP control connection. The format is an alphanumeric string no longer than 45 characters.
Remote Port The remote port for the FTP control connection. The format is a four-byte integer.
Remote Port (Deprecated) The remote port for the FTP control connection, as a two-byte integer.
Remote Port String The remote port for the FTP control connection as a string. The format is a string up to five characters in length.
Security Mechanism The current security mechanism for this connection. This value is stored as a single character and displayed as a string. The following are valid:
- A = AT_TLS
- G = GSSAPI
- N = None
- T = TLS
Security Protocol Level The current security protocol level for this connection when the security mechanism is TLS or AT-TLS. The format is a character string.
Server Logging Session ID The ID that uniquely identifies sessions between z/OS FTP servers and FTP clients. The format is a 15-character string. The identifier is generated from FTP daemon job name, followed by a 5-digit number in range 00000-99999. The value is displayed in the SYSLOGD file log entries when FTP activity logging is enabled.
Session Duration The duration of the session. This value is stored in seconds and displayed as a time value (for example, 4.00000s or 4m 20s).
Session End The date and time when the control session ended. This time is displayed in the following format:
mm/dd/yy hh:mm:ss (Tivoli Enterprise Portal) or yy/mm/dd hh:mm:ss (3270)
Where:
- mm = Month
- dd = Day of the month
- yy = Year
- hh = Hour
- mm = Minute
- ss = Seconds
The stored format is a string no longer than 16 characters in the
format CYYMMDDHHMMSSmmm
(as in 1020315064501000 for
03/15/02 06:45:01) where:
- C = Century (0 for 20th, 1 for 21st)
- Y = Year
- M = Month
- D = Day
- H = Hour
- M = Minute
- S = Second
- m = Millisecond
When the session has not ended, this value is stored as a character string of zeros and displayed as blank.
Session End Reason Code A code indicating the reason that the control connection ended. This value is stored and displayed as a number.
When the FTP Type value is Server, the following reason codes are possible:
- 0: Normal session end
- 1: Security authentication or negotiation failure
- 2: Socket or network error
- 3: Client closed control connection unexpectedly
- 4: Invalid sequence read from control connection
When the FTP Type value is Client, the following reason codes are possible. The FTP client error codes are documented in the z/OS Communications Server: IP User's Guide and Commands. Additional information about the failure might be available in that book.
- 0: Normal session end
- 1: Internal error
- 2: Server error
- 4: Invalid parameter
- 5: Input stream open failed
- 6: Already connected
- 7: Usage error
- 8: Connect failed
- 9: Connection timeout
- 10: Session error
- 11: Invalid ID or password or account
- 12: Input error
- 13: Input EOF
- 14: Not found
- 15: Invalid FTP environment
- 16: FTP not enabled
- 17: Security authentication or negotiation failure
- 18: File access
- 19: Cannot read file
- 20: Cannot write file
- 21: Conversion error
- 22: Proxy error
- 23: SQL error
- 24: Unspecified client error
Session End Reason Description The description of the session end reason code. This value is stored as an integer and displayed as a string.
When the FTP Type value is Server and Client, the following reason codes are possible:
- Normal session end = 0
When the FTP Type value is Server, the following reason codes are possible:
- Password not valid = 1
- Password expired = 2
- User ID has been revoked = 3
- User does not have access to server = 4
- FTCHKPWD exit routine rejected login = 5
- Too many incorrect passwords specified = 6
- Group ID process failed = 7
- User ID is unknown = 8
When the FTP Type value is Client, the following reason codes are possible. These FTP client error codes are documented in the z/OS Communications Server: IP User's Guide and Commands Additional information about the failure might be available in that manual.
- Internal error = 101
- Server error = 102
- Invalid parameter = 104
- Input stream open failed = 105
- Already connected = 106
- Usage error = 107
- Connect failed = 108
- Connection timeout = 109
- Session error = 110
- Invalid ID or password or account = 111
- Input error = 112
- Input EOF = 113
- Not found = 114
- Invalid FTP environment = 115
- FTP not enabled = 116
- Security authentication or negotiation failure = 117
- File access = 118
- Cannot read file = 119
- Cannot write file = 120
- Conversion error = 121
- Proxy error = 122
- SQL error = 123
- Unspecified client error = 124
- C = Clear
- N = None
- P = Private
- S = Safe
- U = Unknown
Session Start The date and time at which the control session was established. This time is displayed in the following format:
mm/dd/yy hh:mm:ss (Tivoli Enterprise Portal) or yy/mm/dd hh:mm:ss (3270)
Where:
- mm = Month
- dd = Day of the month
- yy = Year
- hh = Hour
- mm = Minute
- ss = Seconds
The stored format is a string no longer than 16 characters in the
format CYYMMDDHHMMSSmmm
(as in 1020315064501000 for
03/15/02 06:45:01) where:
- C = Century (0 for 20th, 1 for 21st)
- Y = Year
- M = Month
- D = Day
- H = Hour
- M = Minute
- S = Second
- m = Millisecond
State The status of this FTP session. This value is stored as an integer and displayed as a number. The following are valid values:
- 0 Unknown - In the history file, the value was Active during historical collection.
- 1 Inactive - A close record was received for this open record.
- 2 Active - No close record was received.
- 4 Complete - The record was closed.
System ID The SMF system ID. The format is an alphanumeric string no longer than 4 characters.
TCP Control Connection ID The TCP connection ID for the connection being used for the control connection. This value is displayed as an 8-digit hexadecimal number.
This value is displayed as a hexadecimal number that uniquely identifies the TCP connection being used for the FTP control connection. The TCP connection ID (or resource ID) is displayed under the Local Socket column adjacent to the IP address in the output of a NETSTAT command.
TCPIP STC Name The TCP/IP job name. The format is an alphanumeric string no longer than 8 characters.
Total Bytes Transferred The number of bytes in all files sent and received since the FTP connection started. The format is a long long integer.
Total Files Transferred The number of files sent and received since the FTP connection started. The format is an integer.
Transfer Protection Level The current transfer protection level for this connection. This value is stored as a single character and displayed as a string. The following are valid:
- C = Clear
- N = None
- P = Private
- S = Safe
- U = Unknown
User ID on Server The user name that was used to log in to the server. The format is an alphanumeric string no longer than 8 characters. When the actual user ID is longer then 8 characters, it is truncated. See User ID on Server Extended for longer user IDs.
User ID on Server Extended The user name that was used to log in to the server. The format is an alphanumeric string no longer than 63 characters.