You can create your own audit events using the SAFROUTE API. This API handles security-related requests for Enterprise Server applications. Use the AUDIT request type to create your own audit entry point inside COBOL programs hosted by Enterprise Server.
The SAFROUTE API is defined in the following copybook located in the cpylib directory of the product installation directory - default is %ProgramFiles(x86)%\Micro Focus\Enterprise Developer\cpylib\SAFAPI.CPY (Windows) or /opt/microfocus/EnterpriseDeveloper/cpylib/SAFAPI.cpy (UNIX).
An audit event is comprised of the ENTITY and LOGSTR items, which can contain arbitrary strings. You can also use the Username associated with any ACEE, if it is provided. Audit events can be attributed to either a "success" or "failure" which are mapped to the audit event codes 5:1 and 5:2, respectively.
The following program is an example of a "success" audit event:
identification division.
program-id. testprog.
environment division.
configuration section.
data division.
working-storage section.
copy "SAFAPI.cpy" replacing ==()== by ==ws==.
01 ws-audit-entity pic x(11) value "AuditEntity".
01 ws-audit-string pic x(11) value "AuditString".
procedure division.
move low-values to ws-safpb-parameter-block
set ws-safpb-cur-ver-88 to true
set ws-safpb-audit-req-88 to true
set ws-safpb-audit-success-88 to true
set ws-safpb-codeset-utf8-88 to true
set ws-safpb-mod-CICS-88 to true
set ws-safpb-audit-ENTITY-ptr to address of ws-audit-entity
set ws-safpb-audit-ENTITY-len to length of ws-audit-entity
set ws-safpb-audit-LOGSTR-ptr to address of ws-audit-string
set ws-safpb-audit-LOGSTR-len to length of ws-audit-string
call 'SAFROUTE' using ws-safpb-parameter-block
if ws-safpb-api-rc > 0
*> Audit call failed
end-if
goback.
end program testprog.