Re: iSeries Syslog support???? -- MIDRANGE-L

Unfortunately the commercial packages are all aimed at the old $300k+ to $10m AS/400 image. Pricing for the commercial packages, even for the smallest System i seems to range between $2500 and $4000 with a 20% yearly maintenance fee. Enough limited use packages like that for printing, auditing and backup and you can spend $400k on your new shiny $20k box.

And you wonder why the system is dying...basic tools, free on other systems, expensive on the System i...

Positively I will say that IBM seems to recognize the P05 tier is about $800 for a package and not much maintenance expense.

Regards,

Konrad

"Tom Liotta" <qsrvbas-VsqqI1RANlHk1uMJSBkQmQ@xxxxxxxxxxxxxxxx> wrote in message news:<h0btsk$nv9$1@xxxxxxxxxxxxxxxxxxx>...

Konrad Underkofler wrote:

Is this code available anywhere? Seems like a real need to translate the System Message Queue and Audit Journals to a syslog format and forward them on to a server.

Konrad:

<vendor>
PowerTech (now a Help/Systems company) markets Interact -- a (near)
real-time reporter of security related audit journal entries and
QSYSMSG messages for syslog. (Also specifically to ISS's Site
Protector.)
</vendor

Because the earlier reference was for a "commercial security
software package", it'd be a little surprising to find the code
freely available. From experience, I have to say that if the code is
commercial quality, it'd _really_ be surprising.

Handling numerous audit journal entries in order to format them for
syslog (and/or various syslog consoles) is far from a trivial task.
And if the information is converted into any resemblance of a
meaningful English statement, e.g., "The new *FILE MYLIB/MYFILE was
restored to the system; the object was unsignable" and all the other
potential sentences for different entry types, then I'd be amazed
that anyone went through so much work for such a focused and limited
market -- and then gave it away.

Just about anyone who's gone through that would want to be covered
at least for the time spent on the phone with IBM -- which can be
significant by itself.

Tom Liotta

gogo400 wrote ...

I actually wrote this exact thing some time ago for a commercial security
software package.

Anyone know of an opensource or free agent to convert the various AS400
security messages to a syslog format and forward them to a collector?

--
Tom Liotta
The PowerTech Group, Inc.
19426 68th Avenue South
Kent, WA 98032
Phone 253-872-7788 x313
253-479-1416
Fax 253-872-7904
http://www.powertech.com
--
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list
To post a message email: MIDRANGE-L-Zwy7GipZuJhWk0Htik3J/w@xxxxxxxxxxxxxxxx
To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request-Zwy7GipZuJhWk0Htik3J/w@xxxxxxxxxxxxxxxx
Before posting, please take a moment to review the archives
at http://archive.midrange.com/midrange-l.

-- Disclaimer --
The information contained in this transmission may contain privileged and confidential information. It is intended only for the use of the person(s) named above. If you are not the intended recipient, you are hereby notified that any unauthorized disclosure, copying, distribution or reliance on the contents of this information is strictly prohibited and may constitute a violation of law. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message.