This website uses cookies. By clicking OK, you consent to the use of cookies. Click Here to learn more about how we use cookies.
OK
Register Now
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

RSA enVision® Discussions

Browse the RSA enVision discussion board to get product help and collaborate with other users of RSA enVision.
RSAAdmin
Beginner
Beginner
‎2008-03-17 11:15 PM

DB2 on AIX

The following is an XML for DB2 on AIX
db2aix.zip
0 Likes
Reply
4 Replies
AnkushBaveja
Employee
Employee
‎2009-06-23 02:20 AM

Hi Dave,

 

Could you explain, how to forward the db2 on aix  logs to envision

 

 

Regards

abaveja

0 Likes
Reply
RSAAdmin
Beginner
Beginner
In response to AnkushBaveja
‎2009-06-23 11:35 AM

The process is as follows

 

The db2 extract command is run on the AIX machine - This will copy and convert the binary audit files to ASCII.

The nicsftp shell script is running on the aix machine looking for the db2 logs

The logs are then forwarded to envision by the nicsftpagent shell script

 

Hope that helps

 

Dave

 

0 Likes
Reply
AnkushBaveja
Employee
Employee
In response to RSAAdmin
‎2009-06-24 12:27 AM

Thanks dave .. kudos :smileyhappy:

I will try it and post the result asap

 

Regards

abaveja

0 Likes
Reply
AnkushBaveja
Employee
Employee
In response to RSAAdmin
‎2009-06-30 04:50 AM

Hi Dave,

I have couple of questions for you

 

1) The ascii log looks like 

timestamp=2009-06-25-17.50.12.409856;category=VALIDATE;audit event=AUTHENTICATION;
  event correlator=2;event status=0;
  database=DEVDBS;userid=db2inst1;authid=DB2INST1;execution id=db2inst1;
  origin node=0;coordinator node=0;
  application id=*LOCAL.db2inst1.090625122012;application name=DB2HMON;
  auth type=SERVER;plugin name=IBMOSauthserver;

 

This log is not similar to the parsers you have written?
Is there any modification required from db2 side while collecting the logs?

 

2) While running the nicsftpagent.sh we need to give the directory path in envision where the logs will be transfered, the way to create this directory is to add a new file reader device in universal device collection(version 4.0). And then modify the definition of that device by configuring
     name : db2aix
     device tag :  ?
     data start line : 1
     message id location : 1
     field delimter : ;
     line delimiter : LF

What do you suggest, these entries should be based on the log above ?

Any other suggestions

 

Regards
abaveja

 

0 Likes
Reply
© 2020 RSA Security LLC or its affiliates.
All rights reserved.