ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.
Send TSS messages to Z/OS syslogd daemon
Article ID: 110145
Top SecretTop Secret - LDAP
How to send TSS violation messages to a SIEM system (Splunk) outside z/os using syslogd services
We want to send TSS violation messages to a SIEM system (Splunk) outside z/os using syslogd services. Can TSS send the violation messages to a local syslog in Z/OS.
You can send some violation messages via the LOG control Option by setting SEC9: SEC9 Routes the following violation summary messages to the security console through route code 9: TSS7100E TSS7220E TSS7200E TSS7250E
Here is the link for the SEC Control Option: https://docops.ca.com/ca-top-secret-for-z-os/16-0/en/using/specifying-control-options-to-modify-your-security-environment/logcontrol-event-logging