Products >
ASG-CorreLog z/OS Mainframe Agent
ASG-CorreLog z/OS Mainframe Agent
for monitoring SMF mainframe messages
The CorreLog Mainframe Agent (CMA Agent) expands the role of the CorreLog Server within your enterprise to include monitoring of SMF mainframe messages, empowering you with new important capabilities and visibility into your mainframe and enterprise security. Complete your SIEM strategy using this powerful and unique management component.
The Mainframe Agent program is installed and executes in one or more Z/OS mainframe LPARs, and continuously monitors mainframe SMF records. The Windows Mainframe Agent Receiver program executes on the Windows CorreLog Server platform as a background process. Together, these components permit the user to watch for security violations and performance issues on mainframe components as a regular part of operational security.
All mainframe messages, once received by CorreLog, are converted to regular syslog messages, which can be matched via correlation threads, alerted, and assigned to users via the CorreLog ticketing system. Additionally, the user can create dashboards that depict the mainframe associated threads, devices, and alerts.
Since the messages are just normal syslog messages, they can be easily relayed to other syslog management and log file aggregators, including any standards based third-party system. This extends the life cycle of the software, insuring your technology investment is not built with proprietary protocols. As with all CorreLog software, the mainframe agent is highly documented, easily extended, and designed to insure continued interoperability with other standards-based products.
The CorreLog Mainframe Agent is designed to be highly secure, non-intrusive, and easy to deploy. This program contains multiple features that provide tight integration to the CorreLog server, and high visibility into the security and performance of your mainframe.
- CMA Agent Program. The Mainframe Agent software executes on both the CorreLog Windows platform, and on one or more mainframe LPARs. These components cooperate to log SMF messages from the mainframe as regular syslog messages, permitting all the features of CorreLog Server to be applied to mainframes. Messages are decoded to be completely human-readable text that is ideal for correlation functions as well as operator understanding.
- CMA Support Screen. The Mainframe Agent software includes a CorreLog Server support screen, as part of the Windows component installation. This screen allows the user to configure various special aspects of the mainframe agent software, including source filters, match patterns, and other parameters. The user can specify facilities and severities for any mainframe message (based upon match keywords) as well as tag messages with user specified text, assisting in the correlation of these messages with other events on the network.
- CMA Dashboard Gadget. The Mainframe Agent software supports the CorreLog dashboard facility by adding new gadgets to the CorreLog Server system. These new dashboard elements allow the special mainframe data to be viewed with other enterprise data received by the CorreLog Server, enhancing your view of the enterprise, and the awareness of critical events specific to your mainframe.
- CMA API And Utilities. We include command line utilities and API elements, which transmits mainframe type messages (in EBCDIC) to the Mainframe Agent Program, useful for testing automation that may exist at the CorreLog server, or extending the range of messages.
|
| |
|
|