Discussion:
Syncsort With Splunk
(too old to reply)
Jake Anderson
2017-06-08 16:02:38 UTC
Permalink
Raw Message
Hi

Is there anybody in the group who have used syncsort with Splunk ?

My understanding about Splunk is that it is just a log analuzer. Apart from
this what are the other benefits that other monitoring products do not
provide ?

Can someone shed your experience on the above.

This is purely for the knowledge purpose not resolving any issue.

Regards
Jake

----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to ***@listserv.ua.edu with the message: INFO IBM-MAIN
Pew, Curtis G
2017-06-08 16:53:36 UTC
Permalink
Raw Message
On Jun 8, 2017, at 11:03 AM, Jake Anderson <***@GMAIL.COM<mailto:***@GMAIL.COM>> wrote:

Is there anybody in the group who have used syncsort with Splunk ?

We forward our OPERLOG to Splunk, although we don’t use Syncsort’s forwarder. (I wrote my own; it wasn’t that hard.)

Our main motivation was to show that the mainframe group are “team players” since everyone else around here was investing in Splunk, but it is actually quite useful. We’ve set up a few regular reports of classes of ABENDs or other errors we like to keep track of, and it allows us to go back and do searches for messages when an issue arises that we hadn’t foreseen.


----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to ***@listserv.ua.edu with the message: INFO IBM-MAIN
Jake Anderson
2017-06-10 13:05:49 UTC
Permalink
Raw Message
I have used syncsort in Mainframe but don't know how splunk would speak to
syncsort running in zOS.

Is there any architecture diagram or Manual which can help me to understand
?
Post by Jake Anderson
Is there anybody in the group who have used syncsort with Splunk ?
We forward our OPERLOG to Splunk, although we don’t use Syncsort’s
forwarder. (I wrote my own; it wasn’t that hard.)
Our main motivation was to show that the mainframe group are “team
players” since everyone else around here was investing in Splunk, but it is
actually quite useful. We’ve set up a few regular reports of classes of
ABENDs or other errors we like to keep track of, and it allows us to go
back and do searches for messages when an issue arises that we hadn’t
foreseen.
----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to ***@listserv.ua.edu with the message: INFO IBM-MAIN
Blaicher, Christopher Y.
2017-06-10 14:27:12 UTC
Permalink
Raw Message
It is not Splunk speaking to Syncsort the MFX sort product, it is the Syncsort Ironstream product sending data to Splunk.

See http://www.syncsort.com/en/Products/Mainframe/Ironstream

If you download the trial copy from there you get the manual.

Chris Blaicher
Technical Architect
Mainframe Development
P: 201-930-8234 | M: 512-627-3803
E: ***@syncsort.com

Syncsort Incorporated
2 Blue Hill Plaza #1563
Pearl River, NY 10965
www.syncsort.com

Data quality leader Trillium Software is now a part of Syncsort.


-----Original Message-----
From: IBM Mainframe Discussion List [mailto:IBM-***@LISTSERV.UA.EDU] On Behalf Of Jake Anderson
Sent: Saturday, June 10, 2017 9:07 AM
To: IBM-***@LISTSERV.UA.EDU
Subject: Re: Syncsort With Splunk

I have used syncsort in Mainframe but don't know how splunk would speak to syncsort running in zOS.

Is there any architecture diagram or Manual which can help me to understand ?
Post by Jake Anderson
Is there anybody in the group who have used syncsort with Splunk ?
We forward our OPERLOG to Splunk, although we don’t use Syncsort’s
forwarder. (I wrote my own; it wasn’t that hard.)
Our main motivation was to show that the mainframe group are “team
players” since everyone else around here was investing in Splunk, but
it is actually quite useful. We’ve set up a few regular reports of
classes of ABENDs or other errors we like to keep track of, and it
allows us to go back and do searches for messages when an issue arises
that we hadn’t foreseen.
----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions, send
----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions, send email to ***@listserv.ua.edu with the message: INFO IBM-MAIN

________________________________



ATTENTION: -----

The information contained in this message (including any files transmitted with this message) may contain proprietary, trade secret or other confidential and/or legally privileged information. Any pricing information contained in this message or in any files transmitted with this message is always confidential and cannot be shared with any third parties without prior written approval from Syncsort. This message is intended to be read only by the individual or entity to whom it is addressed or by their designee. If the reader of this message is not the intended recipient, you are on notice that any use, disclosure, copying or distribution of this message, in any form, is strictly prohibited. If you have received this message in error, please immediately notify the sender and/or Syncsort and destroy all copies of this message in your possession, custody or control.

----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to ***@listserv.ua.edu with the message: INFO IBM-MAIN
Loading...