piątek, 3 lipca 2015

IBM Tivoli Monitoring - Enforcive/Enterprise Security for IBM i [BSafe] (how to connect together)

Problem:
How to receive alerts intrusions which were detected by Enforcive Enterprise Security.
I would like to check any undesirable attempt login to database.

Solution:
1. Firstly, I prepared a suitable alert in EES Manager.
I builded an alert with conditions:
Application: Database
Event Type: Reject 
And in "Alert action" I defined the action: "Send Message to Message Queue" where I use i5 agent queue.
This alert will be fired when EES reject login to database. Result we can see on i5 server.


2. I builded a situation in ITM which checks messages queue that I defined in EES: "KMSOMLOG" on "QAUTOMON" library (default library i5 agent). Of course you can use different queue.
This situation will be fired when it checks messages on i5.

---
If you like this or not - please write any comments below, thanks:)
or if you have any questions please send me email. I'll try to explain more.  

---
Links: 
http://www.enforcive.com/enforcive-enterprise-security

Autor: o Brak komentarzy:
Etykiety: , , ,
Subskrybuj: Posty (Atom)