Send TSS messages to Z/OS syslogd daemon
Article ID: 110145
Updated On:
Products
Top Secret
Top Secret - LDAP
Issue/Introduction
How to send TSS violation messages to a SIEM system (Splunk) outside z/os using syslogd services
We want to send TSS violation messages to a SIEM system (Splunk) outside z/os using syslogd services. Can TSS send the violation messages to a local syslog in Z/OS.
We want to send TSS violation messages to a SIEM system (Splunk) outside z/os using syslogd services. Can TSS send the violation messages to a local syslog in Z/OS.
Environment
z/os
Resolution
You can send some violation messages via the LOG control Option by setting SEC9:
SEC9
Routes the following violation summary messages to the security console through route code 9:
TSS7100E
TSS7220E
TSS7200E
TSS7250E
Here is the link for the SEC Control Option:
https://docops.ca.com/ca-top-secret-for-z-os/16-0/en/using/specifying-control-options-to-modify-your-security-environment/logcontrol-event-logging
SEC9
Routes the following violation summary messages to the security console through route code 9:
TSS7100E
TSS7220E
TSS7200E
TSS7250E
Here is the link for the SEC Control Option:
https://docops.ca.com/ca-top-secret-for-z-os/16-0/en/using/specifying-control-options-to-modify-your-security-environment/logcontrol-event-logging
Feedback
Yes
No
Powered by
