Splunk and the Mainframe: 6 Real-World Case Studies for ITOA, ITSI and SIEM
There are a number of different data sources that are available within the IBM z/OS mainframe that can be leveraged to provide insight into the operational health of the system and applications as well as providing visibility into security and compliance issues. For example, the System Management Facility (SMF) on z/OS collects and records a large amount of information on performance, security, and technical operations. Terabytes of very useful information can be recorded daily. Virtually every operational event that occurs on the mainframe — from a simple log-in attempt at a particular workstation to a potential breach of system security — is captured and recorded in one or more SMF record types.
The challenge has been how to easily extract and analyze this data to answer the questions that need to be answered.
Today most organizations are still challenged to answer questions like: What is the health of my IT infrastructure? How well are my applications performing? What problems are impacting availability? When do I need to plan for additional capacity? Are we meeting our established Service Level Agreements (SLAs)? Are our IT services meeting the expectations of our customers and end-users? Are we exposed to potential security threats? Can we produce the necessary audit trails and reports required to meet compliance initiatives?
Syncsort GmbH / Precisely, Inc.