EView/390z Insight for Splunk v7.1


EView/390z Insight Overview (IBM Mainframe environment)
Technical Details

By leveraging the foundation EView Intelligent Agent technology to power EView/390z Insight for Splunk, enterprises have an end-to-end enterprise view of the IT infrastructure to include the IBM Mainframe environment data. The EView/Splunk combination enables the ability to control all data through a single, easy-to-use interface, and integrate and automate processes for better security, compliance, and log analysis.

EView/390z Insight for Splunk is a scalable solution to analyze the terabytes of big data from your IT operations. Turn the thousands of various types of messages generated from the mainframe into data that is relevant and understandable. The seamless integration into Splunk enables you to get the information to search quickly across massive amounts of mainframe data, providing the Operational Intelligence and insights that you can act on immediately, and predict problems before they occur.

A Custom Message Interface makes it easy to extend applications, batch jobs and installation automation rules to send customer messages to Splunk. With the EView custom message interface, EView Insight's ability to gather, report, and analyze any mainframe is nearly limitless.

About EView/390z

Architecture and Data Flow

EView/390z consists of two main components: the EView Intelligent Agent component that runs on the z/OS mainframe, and the server component that runs on the EView Splunk forwarding server. Events and performance data are forwarded from the agent to the EView Splunk forwarding server and written to a file that is monitored by a standard Splunk forwarder. The Splunk forwarder sends data to the Splunk server, where the EView/390z Splunk app maps data from common event fields. The EView/390z Splunk app contains dashboards to help get you started in viewing z/OS event and performance data.

Figure 1 shows the data flow between the z/OS mainframe, the EView/390 Splunk forwarding server and the Splunk server.

What the EView/390z Agent Does

The EView/390z Agent operates as a z/OS started task. Mainframe messages are collected by the EView Intelligent Agent from several sources, which will be further detailed in this document. Pre-defined message filters identify important messages that are then packaged into a common data structure and forwarded via TCP/IP to the Splunk server for processing.

Forwarding z/OS Messages

By capturing any z/OS SYSLOG message that comes across the z/OS console, the powerful, intelligent EView Agent has the ability to capture the thousands of message types which are generated by the mainframe (z/OS) system.

Since all enterprise environments are different and unique, the powerful and flexible EView Custom Message Interface provides the ability to extend applications, batch jobs and installation automation rules to send customer messages to Splunk. With the EView custom message interface, EView Insight's ability to gather, report, and analyze any mainframe is nearly limitless.

Messages can include information from the following:

- Operating System
- DB2 (DataBase2)
- JES2 (JobEntrySubsystem2)
- RACF (SECURITY)
- MQSeries (Message Queuing Series)
- CICS (Customer Information Central System) utilizing an EView/390 exit program in the CICS address space
- WebSphere
- SMF types

Detailed Examples

Forwarding VTAM Messages

The z/OS network task, VTAM, issues messages regarding the mainframe SNA network. The EView/390z agent collects these VTAM messages through the VTAM PPO interface (or PPI interface if IBM NetView is installed on the LPAR).

Forwarding DB2 Management Data

EView/390z provides the ability to monitor DB2 messages that are sent to the z/OS system console.

Forwarding RACF Security

EView/390z provides the ability to monitor RACF security messages that are sent to the z/OS system console.

Forwarding SMF Data

An interface to the IBM System Monitoring Facility (SMF) is provided to collect and forward performance information to the EView Splunk forwarding server.

Forwarding Performance Data

An interface to the IBM Resource Monitoring Facility (RMF) is provided to collect and forward performance information to the EView Splunk forwarding server.

Forwarding WebSphere Management Data

EView/390z provides the ability to monitor WebSphere messages that are sent to the z/OS system console.

Forwarding CICS Event and Transaction Data

EView/390z contains CICS exits that may be configured to send transient data queue CICS messages to the console, where the agent console task will be able to send these messages to the EView Splunk forwarding server. Another exit is available to monitor the response of transactions against a configured threshold. When the response time of a configured transaction exceeds the threshold, a message is created that can be sent to Splunk.

Forwarding Custom Message Data

EView/390z provides a module to send custom messages to the agent, which are then sent to the EView/390z Splunk forwarding server. The module can be used in batch jobs, REXX programs or application programs (including CICS programs) and SMF type information.

Event and Message Buffering

If event, message or performance data cannot be sent to the EView Splunk forwarding server for any reason, the EView/390z agent can be configured to save or buffer the data until the connection from the Splunk forwarding server is available. This ensures that important data will not be lost.

EView Insight - Splunk Dashboards

The EView/390z Splunk app contains several out-of-the-box default dashboards to provide examples of different ways mainframe data can be viewed as the EView/390z information is seamlessly integrated into Splunk. Since EView Insight is seamlessly integrated into Splunk, the simplicity of building your own custom dashboards is already there. EView Technology provides the detailed information in the EView/390z Insight: Installation and Customization Guide, to provide the foundation for creating a powerful IT Operations Intelligence Splunk Platform, which integrates the IBM mainframe (z/OS) environment. For iSeries (AS/400) environments, the EView/400i Insight: Installation and Customization Guide is available.

Examples

Security

The EView Dashboard shows RACF Security Messages. A Splunk Operator can easily drill down and get to the root cause of issues, identify potential threats, etc.

Messaging/Communication

The EView Dashboard shows MQ Series message totals, overall mainframe message totals and totals by z/OS mainframe source hosts.

CICS Transactions Exceeding Threshold Dashboard

This dashboard shows transactions that have exceeded the configured response time threshold.

Performance Data Dashboard

The performance data dashboard shows the latest reported CPU utilization and graphs of CPU utilization along with memory related metrics.

SMF-Types Dashboards

- SMF Type 14 and 15 dataset records
- SMF Type 30 Job Completion
- SMF Type 30 Job Data
- SMF Type 80 RACF
- RMF Performance Data

Hardware Requirements

Splunk Forwarding Server

EView/390z requires appropriate Ethernet hardware on the client to communicate via TCP/IP. All other hardware requirements are the same as the requirements for a Splunk forwarding server.

z/OS Operating System

EView/390z requires the appropriate Ethernet hardware on the zSeries to allow for TCP/IP communication with the Splunk forwarding server.

In addition, make sure that the Splunk forwarding server and z/OS partitions meet the disk space requirements described in the following table.

Platform                    Disk Space
Splunk Forwarding Server    5MB
zSeries Mainframe           60 tracks of 3390 DASD

Software Requirements

On the Splunk Forwarding Server:

- Windows Client:
  - Microsoft Windows 2008 R2 or later
- Linux Client:
  - Linux 64-bit kernel Version 2.6.24 or later
  - Perl Version 5.8 or later
  - glibc Version 2.7 or later
- The TCP/IP network protocol stack must be active.
- All other software requirements are the same as the requirements for a Splunk forwarding server.

On the zSeries mainframe:

- z/OS V1R10 or later
- The TCP/IP network protocol stack (V3R1 or higher) must be active.