Splunk and the Mainframe: 6 Real-World Case Studies for ITOA, ITSI and SIEM
This eBook explores real-world case studies for ITOA, ITSI, and SIEM where new technologies can help leverage mainframe data in Splunk.
Splunk challenges with mainframe data
There are a number of different data sources that are available within the IBM z/OS mainframe that can be leveraged to provide insight into the operational health of the system and applications as well as providing visibility into security and compliance issues.
For example, the System Management Facility (SMF) on z/OS collects and records a large amount of information on performance, security, and technical operations. Terabytes of very useful information can be recorded daily. Virtually every operational event that occurs on the mainframe — from a simple log-in attempt at a particular workstation to a potential breach of system security — is captured and recorded in one or more SMF record types.
The challenge has been how to easily extract and analyze this data to answer the questions that need to be answered.
Today most organizations are still challenged to answer questions like:
- What is the health of my IT infrastructure?
- How well are my applications performing?
- What problems are impacting availability?
- When do I need to plan for additional capacity?
- Are we meeting our established Service Level Agreements (SLAs)?
- Are our IT services meeting the expectations of our customers and end-users?
- Are we exposed to potential security threats?
- Can we produce the necessary audit trails and reports required to meet compliance initiatives?
ITOA, ITSI & SIEM
The answer to these questions are typically addressed through the process of analyzing, managing, and recognizing the patterns and anomalies available within IT operational data.
There are three specific use cases which have emerged to encompass these analytical processes.
- IT Operational Analytics (ITOA)
- IT Service Intelligence (ITSI)
- Security Information and Event Management (SIEM)
Download this eBook to explore real world case studies for ITOA, ITSI, and SIEM where new technologies can provide answers to the questions challenging organizations.