A fix is available
APAR status
Closed as new function.
Error description
SSE QRadar SIEM integration
Local fix
n/a
Problem summary
**************************************************************** * USERS AFFECTED: All customers requiring zSecure to interface * * with QRadar SIEM. * **************************************************************** * PROBLEM DESCRIPTION: NEW FUNCTION * * . * * Integration of zSecure Audit with * * QRadar SIEM for z/OS, RACF, ACF2, Top * * Secret, DB2, and CICS. * * . * * This new function also makes the * * JAVA_SIMPLEDATE format available in * * zSecure. * **************************************************************** * RECOMMENDATION: * **************************************************************** zSecure Audit is to be enhanced so as to transform SMF records into the Log Event Enhanced Format records required for input to QRadar SIEM.
Problem conclusion
Temporary fix
Comments
zSecure Audit has been enhanced to transform SMF records into the Log Event Enhanced Format (LEEF) records required for input to QRadar SIEM. - PLEASE NOTE the following documentation change for Security zSecure Suite: CARLa-Driven Components Version 1.13 Installation and Deployment Guide (SC14-7662-00) - A new chapter has been added: Setting up data preparation for QRadar SIEM - Futher information can be located at this URL: http://www.ibm.com/support/docview.wss?uid=swg21606082
APAR Information
APAR number
OA40009
Reported component name
ZSEC BASE,ADMIN
Reported component ID
5655T0100
Reported release
1D0
Status
CLOSED UR1
PE
NoPE
HIPER
NoHIPER
Special Attention
YesSpecatt / New Function
Submitted date
2012-07-23
Closed date
2012-07-27
Last modified date
2012-08-08
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
UA66091
Modules/Macros
CKRFMT CKRINMO CKRINS2 CKROUBU CKROUNIT CKRPRTFL CKRZPOST C2ECQRLF C2EEQRFH C2EJQRLF C2ELEEF C2ELENV C2EQAENV C2EQAUSA C2EQAUSR C2EQAUST C2EQCES C2EQENV C2EQFIN C2EQRENV C2EQSPEC C2EQTENV C2EQXES C2EQ0ES C2R$PARM
Fix information
Fixed component name
ZSEC BASE,ADMIN
Fixed component ID
5655T0100
Applicable component levels
R1D0 PSY UA66091
UP12/07/31 P F207
Fix is available
Select the PTF appropriate for your component level. You will be required to sign in. Distribution on physical media is not available in all countries.
Rate this page:
Average rating
Copyright and trademark information
IBM, the IBM logo and ibm.com are trademarks of International Business Machines Corp., registered in many jurisdictions worldwide. Other product and service names might be trademarks of IBM or other companies. A current list of IBM trademarks is available on the Web at "Copyright and trademark information" at www.ibm.com/legal/copytrade.shtml.