How to send TSS violation messages to a SIEM system (Splunk) outside z/os using syslogd services
We want to send TSS violation messages to a SIEM system (Splunk) outside z/os using syslogd services. Can TSS send the violation messages to a local syslog in Z/OS.
You can send some violation messages via the LOG control Option by setting SEC9: SEC9 Routes the following violation summary messages to the security console through route code 9: TSS7100E TSS7220E TSS7200E TSS7250E
Here is the link for the SEC Control Option: https://docops.ca.com/ca-top-secret-for-z-os/16-0/en/using/specifying-control-options-to-modify-your-security-environment/logcontrol-event-logging