Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
 

Configuring Raz-Lee ISecurity

To collect security and audit events, you must configure your Raz-Lee iSecurity installation to forward syslog events to JSA.

  1. Log in to the IBM System I command-line interface.
  2. Type the following command to access the audit menu options:

    STRAUD

  3. From the Audit menu, select 81. System Configuration.
  4. From the iSecurity/Base System Configuration menu, select 31. SYSLOG Definitions.
  5. Configure the following parameters:
    1. Send SYSLOG message - Select Yes.

    2. Destination address— Type the IP address of JSA.

    3. Facility to use— Type a facility level.

    4. Severity range to auto send - Type a severity level.

    5. Message structure— Type any additional message structure parameters that are needed for your syslog messages.

Syslog events that are forwarded by Raz-Lee iSecurity are automatically discovered by JSA by the IBM AS/400 iSeries DSM. In most cases, the log source is automatically created in JSA after a few events are detected. If the event rate is low, then you might be required to manually create a log source for Raz-Lee iSecurity in JSA.

Until the log source is automatically discovered and identified, the event type displays as Unknown on the Log Activity tab of JSA.