How to Get IBM i Security and
Operational Insights with Splunk
Ian Hartley
Product Management Director
IBM i and Splunk are registered trademarks of International Business Machines Incorporated
and Splunk Incorporated respectively in the United States, other countries, or both.
Housekeeping
Webcast Audio
• Today’s webcast audio is streamed through your
computer speakers.
• If you need technical assistance with the web
interface or audio, please reach out to us using
the chat window.
Questions Welcome
• Submit your questions at any time during the
presentation using the chat window.
• We will answer them during our Q&A session
following the presentation.
Recording and slides
• This webcast is being recorded. You will receive
an email following the webcast with a link to
download both the recording and the slides.
Agenda
• Demands on Today’s IT
• IBM i to Splunk Challenges
• Syncsort Ironstream® + Splunk
for Security & Operational
Insights
• Q & A
Today’s IT Must be Agile, Available & Aware
Downtime is NOT an Option
• Loses valuable time
• Costs money
• Impacts reputation
Organizations MUST be Proactive
• Get ahead of problems…to buy valuable time
• See problems BEFORE customers see them
• Trying to do more…in same or less time
Organizations NEED TO KNOW what’s happening (in real time)
• Monitoring: System health, MTTI, MTTR
• Operational Intelligence: Performance, trends, capacity, status, prediction
• Security: User activities, privileged use, intrusion
• Compliance: Audit, policy assurance, data access/movement
Splunk: Industry-Leading Platform For Machine Data
Machine Data: Any Location, Type, Volume
• Online Services, Web Services, Servers, Security, GPS Location, Storage, Desktops, Networks, Packaged Applications, Custom Apps, Messaging, Telecoms, Online Shopping Cart, Web Clickstreams, Databases, Energy Meters, Call Detail Records, Smartphones and Devices, RFID
• On-Premises, Private Cloud, Public Cloud
Platform Support (Apps / API / SDKs)
Enterprise Scalability
Universal Indexing
Answer Any Question
• Developer Platform
• Report & analyze
• Custom dashboards
• Monitor & alert
• Ad hoc search
Challenges
IBM i Splunk
Different Data Sources
• Journals
• Message Queues
• Operational Logs
• Databases
• Custom data and logs
IBM i Data Challenges
• Complex data structures
• Unique journal entry types
• Headers
• Product sections
• Data sections
• Variable length, Self-describing
• IBM i journals in Db2®
• Marshalling IBM i
Collection Services
• Easy-to-use output
Data Volume
Previously: Relatively low volume
Today: Millions of records generated…
…and increasing!
Time Matters
• Cannot wait for scheduled offload
• Need operational insights
• Mitigate issues – prevent problems
• Visibility: status, trends, predictions
• Must have agility to respond FAST
Data Sources for Security and Operations
✓ System Operator Message Queue (QSYSOPR)
✓ Application Message Queues
✓ History Log (QHST)
✓ System Audit Journal
✓ System Summary Performance Data
✓ Collection Services Data
✓ Job Accounting Data
✓ Application File Journal Data
System Audit Journal
AD - Auditing Changes
AF - Authority Failure
AU - Attribute Change
CA - Authority Changes
CD - Command String
CO - Create Object
CP - User Profile
DO - Delete Object
DS - DST Security Password Reset
EV - System Environment Variables
GS - Socket description was given to another job
JD - Change to user parameter of a job description
JS - Actions that affect jobs
KF - Key ring file Audit Journal Entry
NA - Network attribute changed Audit Journal Entry
ND - APPN directory search filter violation
NE - APPN end point filter violation
OM - Object Move Audit Journal Entry
OR - Object Restore Audit Journal Entry
OW - Object ownership changed
PA - Program changed to adopt authority
PG - Change of an object’s primary group
PS - Profile swap
PW - Invalid password
RA - Authority change during restore
RJ - Restoring job description with user profile specified
RO - Change of object owner during restore
RP - Restoring adopted authority program
RU - Restoring user profile authority
RZ - Changing a primary group during restore
SE - Subsystem routing entry changed
SM - Systems management changes
SO - Server security user information actions
ST - Use of service tools
SV - System value changed
VP - Network password error
X0 - Network Authentication
ZC - Object accessed (change)
ZR - Object accessed (read)
Ironstream for Splunk Data Collection from IBM i
[Diagram: LPAR Agents (IBM i) → TCP/IP (optional TLS) → Collector / Heavy Forwarder → Splunk]
Data sources shown with the LPAR Agent:
• System Operator Message Queue (QSYSOPR)
• Application Message Queues
• History Log (QHST)
• System Audit Journal
• System Summary Performance Data
• Collection Services Data
• Job Accounting Data
• Application File Journal Data
Ironstream for Splunk Comprehensive
Filtering
Ironstream for Splunk
✓ Simple to use in standard Splunk searches
✓ Easy to read text output
✓ Quick to produce visualizations for insights
Splunk Dashboards
Example Dashboards
• Security
• Authorization Failures
• Change Profile Events
• System Value Changes
• User Activities
• Operations
• Capacity Monitoring
• CPU Utilization
• Create/Delete objects
• Disk Performance
• Job Durations
• LPAR Performance
• Message Queue Events
• System Performance
• Employee Database Use Case
Security Scenarios
• Login activity
• Command Usage
• Object Creation, Movement, Restoration, Deletion
• System Value changes
• User Profile changes
• Authority failures (objects, users)
Operational Insights
• Capacity metrics
• Job durations
• Disk performance
• Utilization (CPU, Job, Subsystem)
• LPAR performance
• Storage Pool activities (faults, etc.)
Q & A
Further Information
www.syncsort.com/products/ironstream
Poznań ACE event - 19.06.2024 Team 24 Wrapup slidedeck
FilipTomaszewski5
 
Essentials of Automations: Exploring Attributes & Automation Parameters
Essentials of Automations: Exploring Attributes & Automation ParametersEssentials of Automations: Exploring Attributes & Automation Parameters
Essentials of Automations: Exploring Attributes & Automation Parameters
Safe Software
 
PRODUCT LISTING OPTIMIZATION PRESENTATION.pptx
PRODUCT LISTING OPTIMIZATION PRESENTATION.pptxPRODUCT LISTING OPTIMIZATION PRESENTATION.pptx
PRODUCT LISTING OPTIMIZATION PRESENTATION.pptx
christinelarrosa
 
QA or the Highway - Component Testing: Bridging the gap between frontend appl...
QA or the Highway - Component Testing: Bridging the gap between frontend appl...QA or the Highway - Component Testing: Bridging the gap between frontend appl...
QA or the Highway - Component Testing: Bridging the gap between frontend appl...
zjhamm304
 
GNSS spoofing via SDR (Criptored Talks 2024)
GNSS spoofing via SDR (Criptored Talks 2024)GNSS spoofing via SDR (Criptored Talks 2024)
GNSS spoofing via SDR (Criptored Talks 2024)
Javier Junquera
 
Must Know Postgres Extension for DBA and Developer during Migration
Must Know Postgres Extension for DBA and Developer during MigrationMust Know Postgres Extension for DBA and Developer during Migration
Must Know Postgres Extension for DBA and Developer during Migration
Mydbops
 
Day 2 - Intro to UiPath Studio Fundamentals
Day 2 - Intro to UiPath Studio FundamentalsDay 2 - Intro to UiPath Studio Fundamentals
Day 2 - Intro to UiPath Studio Fundamentals
UiPathCommunity
 
How to Interpret Trends in the Kalyan Rajdhani Mix Chart.pdf
How to Interpret Trends in the Kalyan Rajdhani Mix Chart.pdfHow to Interpret Trends in the Kalyan Rajdhani Mix Chart.pdf
How to Interpret Trends in the Kalyan Rajdhani Mix Chart.pdf
Chart Kalyan
 
Apps Break Data
Apps Break DataApps Break Data
Apps Break Data
Ivo Velitchkov
 
What is an RPA CoE? Session 2 – CoE Roles
What is an RPA CoE?  Session 2 – CoE RolesWhat is an RPA CoE?  Session 2 – CoE Roles
What is an RPA CoE? Session 2 – CoE Roles
DianaGray10
 
Christine's Product Research Presentation.pptx
Christine's Product Research Presentation.pptxChristine's Product Research Presentation.pptx
Christine's Product Research Presentation.pptx
christinelarrosa
 
inQuba Webinar Mastering Customer Journey Management with Dr Graham Hill
inQuba Webinar Mastering Customer Journey Management with Dr Graham HillinQuba Webinar Mastering Customer Journey Management with Dr Graham Hill
inQuba Webinar Mastering Customer Journey Management with Dr Graham Hill
LizaNolte
 
Y-Combinator seed pitch deck template PP
Y-Combinator seed pitch deck template PPY-Combinator seed pitch deck template PP
Y-Combinator seed pitch deck template PP
c5vrf27qcz
 
Freshworks Rethinks NoSQL for Rapid Scaling & Cost-Efficiency
Freshworks Rethinks NoSQL for Rapid Scaling & Cost-EfficiencyFreshworks Rethinks NoSQL for Rapid Scaling & Cost-Efficiency
Freshworks Rethinks NoSQL for Rapid Scaling & Cost-Efficiency
ScyllaDB
 
Leveraging the Graph for Clinical Trials and Standards
Leveraging the Graph for Clinical Trials and StandardsLeveraging the Graph for Clinical Trials and Standards
Leveraging the Graph for Clinical Trials and Standards
Neo4j
 
Northern Engraving | Nameplate Manufacturing Process - 2024
Northern Engraving | Nameplate Manufacturing Process - 2024Northern Engraving | Nameplate Manufacturing Process - 2024
Northern Engraving | Nameplate Manufacturing Process - 2024
Northern Engraving
 
Main news related to the CCS TSI 2023 (2023/1695)
Main news related to the CCS TSI 2023 (2023/1695)Main news related to the CCS TSI 2023 (2023/1695)
Main news related to the CCS TSI 2023 (2023/1695)
Jakub Marek
 
Introduction of Cybersecurity with OSS at Code Europe 2024
Introduction of Cybersecurity with OSS  at Code Europe 2024Introduction of Cybersecurity with OSS  at Code Europe 2024
Introduction of Cybersecurity with OSS at Code Europe 2024
Hiroshi SHIBATA
 
zkStudyClub - LatticeFold: A Lattice-based Folding Scheme and its Application...
zkStudyClub - LatticeFold: A Lattice-based Folding Scheme and its Application...zkStudyClub - LatticeFold: A Lattice-based Folding Scheme and its Application...
zkStudyClub - LatticeFold: A Lattice-based Folding Scheme and its Application...
Alex Pruden
 

Recently uploaded (20)

Nordic Marketo Engage User Group_June 13_ 2024.pptx
Nordic Marketo Engage User Group_June 13_ 2024.pptxNordic Marketo Engage User Group_June 13_ 2024.pptx
Nordic Marketo Engage User Group_June 13_ 2024.pptx
 
Poznań ACE event - 19.06.2024 Team 24 Wrapup slidedeck
Poznań ACE event - 19.06.2024 Team 24 Wrapup slidedeckPoznań ACE event - 19.06.2024 Team 24 Wrapup slidedeck
Poznań ACE event - 19.06.2024 Team 24 Wrapup slidedeck
 
Essentials of Automations: Exploring Attributes & Automation Parameters
Essentials of Automations: Exploring Attributes & Automation ParametersEssentials of Automations: Exploring Attributes & Automation Parameters
Essentials of Automations: Exploring Attributes & Automation Parameters
 
PRODUCT LISTING OPTIMIZATION PRESENTATION.pptx
PRODUCT LISTING OPTIMIZATION PRESENTATION.pptxPRODUCT LISTING OPTIMIZATION PRESENTATION.pptx
PRODUCT LISTING OPTIMIZATION PRESENTATION.pptx
 
QA or the Highway - Component Testing: Bridging the gap between frontend appl...
QA or the Highway - Component Testing: Bridging the gap between frontend appl...QA or the Highway - Component Testing: Bridging the gap between frontend appl...
QA or the Highway - Component Testing: Bridging the gap between frontend appl...
 
GNSS spoofing via SDR (Criptored Talks 2024)
GNSS spoofing via SDR (Criptored Talks 2024)GNSS spoofing via SDR (Criptored Talks 2024)
GNSS spoofing via SDR (Criptored Talks 2024)
 
Must Know Postgres Extension for DBA and Developer during Migration
Must Know Postgres Extension for DBA and Developer during MigrationMust Know Postgres Extension for DBA and Developer during Migration
Must Know Postgres Extension for DBA and Developer during Migration
 
Day 2 - Intro to UiPath Studio Fundamentals
Day 2 - Intro to UiPath Studio FundamentalsDay 2 - Intro to UiPath Studio Fundamentals
Day 2 - Intro to UiPath Studio Fundamentals
 
How to Interpret Trends in the Kalyan Rajdhani Mix Chart.pdf
How to Interpret Trends in the Kalyan Rajdhani Mix Chart.pdfHow to Interpret Trends in the Kalyan Rajdhani Mix Chart.pdf
How to Interpret Trends in the Kalyan Rajdhani Mix Chart.pdf
 
Apps Break Data
Apps Break DataApps Break Data
Apps Break Data
 
What is an RPA CoE? Session 2 – CoE Roles
What is an RPA CoE?  Session 2 – CoE RolesWhat is an RPA CoE?  Session 2 – CoE Roles
What is an RPA CoE? Session 2 – CoE Roles
 
Christine's Product Research Presentation.pptx
Christine's Product Research Presentation.pptxChristine's Product Research Presentation.pptx
Christine's Product Research Presentation.pptx
 
inQuba Webinar Mastering Customer Journey Management with Dr Graham Hill
inQuba Webinar Mastering Customer Journey Management with Dr Graham HillinQuba Webinar Mastering Customer Journey Management with Dr Graham Hill
inQuba Webinar Mastering Customer Journey Management with Dr Graham Hill
 
Y-Combinator seed pitch deck template PP
Y-Combinator seed pitch deck template PPY-Combinator seed pitch deck template PP
Y-Combinator seed pitch deck template PP
 
Freshworks Rethinks NoSQL for Rapid Scaling & Cost-Efficiency
Freshworks Rethinks NoSQL for Rapid Scaling & Cost-EfficiencyFreshworks Rethinks NoSQL for Rapid Scaling & Cost-Efficiency
Freshworks Rethinks NoSQL for Rapid Scaling & Cost-Efficiency
 
Leveraging the Graph for Clinical Trials and Standards
Leveraging the Graph for Clinical Trials and StandardsLeveraging the Graph for Clinical Trials and Standards
Leveraging the Graph for Clinical Trials and Standards
 
Northern Engraving | Nameplate Manufacturing Process - 2024
Northern Engraving | Nameplate Manufacturing Process - 2024Northern Engraving | Nameplate Manufacturing Process - 2024
Northern Engraving | Nameplate Manufacturing Process - 2024
 
Main news related to the CCS TSI 2023 (2023/1695)
Main news related to the CCS TSI 2023 (2023/1695)Main news related to the CCS TSI 2023 (2023/1695)
Main news related to the CCS TSI 2023 (2023/1695)
 
Introduction of Cybersecurity with OSS at Code Europe 2024
Introduction of Cybersecurity with OSS  at Code Europe 2024Introduction of Cybersecurity with OSS  at Code Europe 2024
Introduction of Cybersecurity with OSS at Code Europe 2024
 
zkStudyClub - LatticeFold: A Lattice-based Folding Scheme and its Application...
zkStudyClub - LatticeFold: A Lattice-based Folding Scheme and its Application...zkStudyClub - LatticeFold: A Lattice-based Folding Scheme and its Application...
zkStudyClub - LatticeFold: A Lattice-based Folding Scheme and its Application...
 

How to Get IBM i Security and Operational Insights with Splunk

  • 1. How to Get IBM i Security and Operational Insights with Splunk. Ian Hartley, Product Management Director. IBM i and Splunk are registered trademarks of International Business Machines Incorporated and Splunk Incorporated respectively in the United States, other countries, or both.
  • 2. Housekeeping
    Webcast Audio: • Today’s webcast audio is streamed through your computer speakers. • If you need technical assistance with the web interface or audio, please reach out to us using the chat window.
    Questions Welcome: • Submit your questions at any time during the presentation using the chat window. • We will answer them during our Q&A session following the presentation.
    Recording and slides: • This webcast is being recorded. You will receive an email following the webcast with a link to download both the recording and the slides.
  • 3. Agenda • Demands on Today’s IT • IBM i to Splunk Challenges • Syncsort Ironstream® + Splunk for Security & Operational Insights • Q & A
  • 4. Today’s IT Must be Agile, Available & Aware
    Downtime is NOT an Option: • Loses valuable time • Costs money • Impacts reputation
    Organizations MUST be Proactive: • Get ahead of problems…to buy valuable time • See problems BEFORE customers see them • Trying to do more…in same or less time
    Organizations NEED TO KNOW what’s happening (in real time): • Monitoring: System health, MTTI, MTTR • Operational Intelligence: Performance, trends, capacity, status, prediction • Security: User activities, privileged use, intrusion • Compliance: Audit, policy assurance, data access/movement
  • 5. Splunk: Industry-Leading Platform For Machine Data
    Machine Data: Any Location, Type, Volume: Online Services, Web Services, Servers, Security, GPS Location, Storage, Desktops, Networks, Packaged Applications, Custom Apps, Messaging, Telecoms, Online Shopping Cart, Web Clickstreams, Databases, Energy Meters, Call Detail Records, Smartphones and Devices, RFID
    On-Premises, Private Cloud, Public Cloud
    Platform Support (Apps / API / SDKs), Enterprise Scalability, Universal Indexing
    Answer Any Question: Developer Platform, Report & analyze, Custom dashboards, Monitor & alert, Ad hoc search
  • 6. Challenges: IBM i to Splunk
    Different Data Sources: • Journals • Message Queues • Operational Logs • Databases • Custom data and logs
    IBM i Data Challenges: • Complex data structures • Unique journal entry types • Headers • Product sections • Data sections • Variable length, Self-describing • IBM i journals in Db2® • Marshalling IBM i Collection Services • Easy-to-use output
    Data Volume: Previously: Relatively low volume. Today: Millions of records generated…and increasing!
    Time Matters: • Cannot wait for scheduled offload • Need operational insights • Mitigate issues – prevent problems • Visibility: status, trends, predictions • Must have agility to respond FAST
  • 7. Data Sources for Security and Operations
    ✓ System Operator Message Queue (QSYSOPR) ✓ Application Message Queues ✓ History Log (QHST) ✓ System Audit Journal ✓ System Summary Performance Data ✓ Collection Services Data ✓ Job Accounting Data ✓ Application File Journal Data
    System Audit Journal entry types:
    AD - Auditing Changes
    AF - Authority Failure
    AU - Attribute Change
    CA - Authority Changes
    CD - Command String
    CO - Create Object
    CP - User Profile
    DO - Delete Object
    DS - DST Security Password Reset
    EV - System Environment Variables
    GS - Socket description was given to another job
    JD - Change to user parameter of a job description
    JS - Actions that affect jobs
    KF - Key ring file Audit Journal Entry
    NA - Network attribute changed Audit Journal Entry
    ND - APPN directory search filter violation
    NE - APPN end point filter violation
    OM - Object Move Audit Journal Entry
    OR - Object Restore Audit Journal Entry
    OW - Object ownership changed
    PA - Program changed to adopt authority
    PG - Change of an object’s primary group
    PS - Profile swap
    PW - Invalid password
    RA - Authority change during restore
    RJ - Restoring job description with user profile specified
    RO - Change of object owner during restore
    RP - Restoring adopted authority program
    RU - Restoring user profile authority
    RZ - Changing a primary group during restore
    SE - Subsystem routing entry changed
    SM - Systems management changes
    SO - Server security user information actions
    ST - Use of service tools
    SV - System value changed
    VP - Network password error
    X0 - Network Authentication
    ZC - Object accessed (change)
    ZR - Object accessed (read)
  • 8. Ironstream for Splunk: Data Collection from IBM i. Diagram labels: LPAR Agent
  • 9. Ironstream for Splunk: Data Collection from IBM i. Diagram labels: LPAR Agent. Data sources: System Operator Message Queue (QSYSOPR), Application Message Queues, History Log (QHST), System Audit Journal, System Summary Performance Data, Collection Services Data, Job Accounting Data, Application File Journal Data
  • 10. Ironstream for Splunk: Data Collection from IBM i. Diagram labels: LPAR Agent, IBM i
  • 11. Ironstream for Splunk: Data Collection from IBM i. Diagram labels: LPAR Agent (three shown), IBM i
  • 12. Ironstream for Splunk: Data Collection from IBM i. Diagram labels: LPAR Agent (three shown), IBM i, TCP/IP (optional TLS), Collector
  • 13-14. Ironstream for Splunk: Data Collection from IBM i. Diagram labels: LPAR Agent (three shown), IBM i, TCP/IP (optional TLS), Collector, Heavy Forwarder, Splunk
  • 15. Ironstream for Splunk: Comprehensive Filtering
  • 16. Ironstream for Splunk ✓ Easy to read text output
  • 17. Ironstream for Splunk ✓ Simple to use in standard Splunk searches ✓ Easy to read text output
  • 18. Ironstream for Splunk ✓ Simple to use in standard Splunk searches ✓ Easy to read text output ✓ Quick to produce visualizations for insights
  • 19. Splunk Dashboards: Example Dashboards
    Security: • Authorization Failures • Change Profile Events • System Value Changes • User Activities
    Operations: • Capacity Monitoring • CPU Utilization • Create/Delete objects • Disk Performance • Job Durations • LPAR Performance • Message Queue Events • System Performance
    Employee Database Use Case
  • 20-22. Security Scenarios • Login activity • Command Usage • Object Creation, Movement, Restoration, Deletion • System Value changes • User Profile changes • Authority failures (objects, users)
  • 23-25. Operational Insights • Capacity metrics • Job durations • Disk performance • Utilization (CPU, Job, Subsystem) • LPAR performance • Storage Pool activities (faults, etc.)
  • 27. Q & A. Further Information: www.syncsort.com/products/ironstream