Hi All Apart from using ironstream. Is there a way to upload just the SMF, RMF and any SYSLOG reading to SPLUNK to generate dashboard ?
Any samples or whitepaper where I can get yo understand ? Regards Jake On Jun 10, 2017 8:38 PM, "Lizette Koehler" <stars...@mindspring.com> wrote: > Jake, > > If you are that interested in this function, I would recommend you contact > Syncsort Sales and request further information. That way you can be > connected directly with the vendor and how their product Ironstream feeds > Splunk. (Yes, I saw Chris has responded) > > Note: it is not Syncsort the product that feeds Splunk. It is Ironstream > product by Syncsort to feed Splunk. Go to Syncsort.com for more details on > Ironstream. > > > > I have found with past companies they did not like me downloading trial > versions as it could put them on the path of having to purchase the product. > > I do not think Syncsort would do that, but it is something to consider. > > If this is just a curiosity question, what specifically do you need to > know that has not already been discussed? > > > Got Splunk? Add Ironstream! > > Get security insights & operational intelligence from the mainframe in > real time > > > With Ironstream, you collect log data from SMF, RMF, Syslog and other z/OS > sources, and forward that data in real time to the Splunk® Enterprise > analytics platform. That gives you visibility into your z/OS environment as > well as your distributed and open-systems environment. Total visibility, in > other word. This is done without the need for z/OS monitoring systems or > for specialized, scarce, and costly mainframe expertise. > > Comprehensive and powerful business intelligence reporting is at hand as > users can easily search, analyze, and visualize the mainframe log data > along with log data from distributed and open-source systems. > > Ironstream also integrates with Splunk’s Enterprise Security and IT > Service Intelligence applications. This goes beyond IT operational > analytics to give you a firmer grasp of potential security threats in your > z/OS environment. It ensures that your critical business services are being > delivered on time. > > > Lizette > > > > -----Original Message----- > > From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] On > > Behalf Of Jake Anderson > > Sent: Saturday, June 10, 2017 6:07 AM > > To: IBM-MAIN@LISTSERV.UA.EDU > > Subject: Re: Syncsort With Splunk > > > > I have used syncsort in Mainframe but don't know how splunk would speak > to > > syncsort running in zOS. > > > > Is there any architecture diagram or Manual which can help me to > understand ? > > > > On Jun 8, 2017 10:24 PM, "Pew, Curtis G" <curtis....@austin.utexas.edu> > > wrote: > > > > > On Jun 8, 2017, at 11:03 AM, Jake Anderson <justmainfra...@gmail.com< > > > mailto:justmainfra...@gmail.com>> wrote: > > > > > > Is there anybody in the group who have used syncsort with Splunk ? > > > > > > We forward our OPERLOG to Splunk, although we don’t use Syncsort’s > > > forwarder. (I wrote my own; it wasn’t that hard.) > > > > > > Our main motivation was to show that the mainframe group are “team > > > players” since everyone else around here was investing in Splunk, but > > > it is actually quite useful. We’ve set up a few regular reports of > > > classes of ABENDs or other errors we like to keep track of, and it > > > allows us to go back and do searches for messages when an issue arises > > > that we hadn’t foreseen. > > > > > ---------------------------------------------------------------------- > For IBM-MAIN subscribe / signoff / archive access instructions, > send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN > ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN