z/OS SYSLOG data source types

The z/OS® SYSLOG Insight Pack includes support for ingesting, and performing metadata searches against, the following types of data sources: zOS-SYSLOG-Console, zOS-SYSLOG-SDSF, the three variations of zOS-CICS-MSGUSR, and zOS-syslogd.

zOS-SYSLOG-Console

z/OS SYSLOG data that is formatted by the user exit

zOS-SYSLOG-SDSF

z/OS SYSLOG data that is formatted by the System Display and Search Facility (SDSF)

zOS-CICS-MSGUSR, zOS-CICS-MSGUSRYMD, and zOS-CICS-MSGUSRDMY

CICS® Transaction Server for z/OS MSGUSR job log data.

Use one of the three variations of this source type, depending on the date format in the time stamp for the data source.

zOS-CICS-MSGUSR uses the default date format MDY.
zOS-CICS-MSGUSRYMD uses the format YMD.
zOS-CICS-MSGUSRDMY uses the format DMY.

zOS-syslogd

Syslogd data in UNIX System Services

Table 1 lists the configuration artifacts that are provided with the Insight Pack for each type of z/OS SYSLOG data source.

Table 1. Configuration artifacts that are provided with the z/OS SYSLOG Insight Pack
Data source type	Splitter	Annotator	Collection
`zOS-SYSLOG-Console`	`zOS-SYSLOG-Console-Split`	`zOS-SYSLOG-Console-Annotate`	`zOS-SYSLOG-Console-Collection`
`zOS-SYSLOG-SDSF`	`zOS-SYSLOG-SDSF-Split`	`zOS-SYSLOG-SDSF-Annotate`	`zOS-SYSLOG-SDSF-Collection`
`zOS-CICS-MSGUSR`	`zOS-CICS-MSGUSR-Split`	`zOS-CICS-MSGUSR-Annotate`	`zOS-CICS-MSGUSR-Collection`
`zOS-CICS-MSGUSRYMD`	`zOS-CICS-MSGUSRYMD-Split`	`zOS-CICS-MSGUSRYMD-Annotate`	`zOS-CICS-MSGUSRYMD-Collection`
`zOS-CICS-MSGUSRDMY`	`zOS-CICS-MSGUSRDMY-Split`	`zOS-CICS-MSGUSRDMY-Annotate`	`zOS-CICS-MSGUSRDMY-Collection`
`zOS-syslogd`	`zOS-syslogd-Split`	`zOS-syslogd-Annotate`	`zOS-syslogd-Collection`