
GENERIC event type


BMC AMI Defender includes an API1 event definition named GENERIC. It is intended for use in simple CZALDFIL applications. It is suitable only for files that are entirely in EBCDIC, such as print reports. It has the following characteristics:

Major Type: CorreLog (12)

Minor Type: 11

Process name: Generic

CEF ID: Generic

LEEF ID: Generic

Default severity: INFOrmational

GENERIC event fields

Using any of the Record fields with RECFM=Vxx files implies the use of LENgth(REMove), because they are character fields that are defined as beginning at offset 0 into the record. In other words, they include any LLBB field if one is present.

| Name (Filter) | Tag | CEF Name | Description |
|---|---|---|---|
| GenericCAT | Cat | cat | Constant Generic |
| Record (EGNX) | Record | | Contents of the record, starting at offset 0, in character format |
| Record_1500 (EGNX) | Record | | Contents of the record, starting at offset 0, in character format, but limited to a maximum of 1500 characters |
| Record_Hex_100 | Record_Hex | | Contents of the record, starting at offset 0, in hexadecimal format, and limited to a maximum of 100 bytes (200 hex characters) |
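To see why the LLBB prefix matters for fields that start at offset 0, the following added example (not BMC code and not part of the original page) models a RECFM=V record in Python and derives the character and hexadecimal views with and without the prefix. The cp037 code page, the sample report line, the function names, and the modelling of prefix removal as dropping the first four bytes are all assumptions made for illustration.

```python
import struct

EBCDIC = "cp037"  # assumption: US EBCDIC code page; the page names none

def build_v_record(text):
    """Constructed RECFM=V style record: 4-byte LLBB prefix + EBCDIC payload."""
    payload = text.encode(EBCDIC)
    # LL = record length including the prefix, BB = two reserved zero bytes
    return struct.pack(">HH", len(payload) + 4, 0) + payload

def strip_llbb(record):
    """Remove the LLBB prefix after checking it against the real length."""
    if len(record) < 4:
        raise ValueError("record shorter than the LLBB prefix")
    ll, bb = struct.unpack(">HH", record[:4])
    if ll != len(record) or bb != 0:
        raise ValueError(f"LLBB mismatch: LL={ll}, BB={bb}, actual={len(record)}")
    return record[4:]

def record_field(record, limit=None):
    """Character view from offset 0 (Record), optionally capped (Record_1500)."""
    text = record.decode(EBCDIC)
    return text if limit is None else text[:limit]

def record_hex_100(record):
    """Hex view from offset 0, at most 100 bytes (200 hex characters)."""
    return record[:100].hex().upper()

# Constructed sample input: one line of a print report.
SAMPLE_LINE = "REPORT LINE 0001 USER=JDOE STATUS=DENIED"

if __name__ == "__main__":
    raw = build_v_record(SAMPLE_LINE)
    clean = strip_llbb(raw)
    # With the prefix left in place, the first four characters are the
    # length bytes decoded as EBCDIC, which are not printable text.
    print("with LLBB   :", repr(record_field(raw, 1500)))
    print("without LLBB:", repr(record_field(clean, 1500)))
    print("hex with    :", record_hex_100(raw))
    print("hex without :", record_hex_100(clean))
```

Downstream parsers that match on the start of the Record value will miss events if the four prefix bytes are still present, so the hexadecimal view is a quick way to confirm which form is arriving.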

GENERIC event parameter file sample

The following code sample shows a fragment of a BMC AMI Defender parameter file with sample statements that you can use to exploit the GENERIC type:

SELECT EVENT(GENERIC)   
...                                  
EVENT GENERIC +                   
      Fields(  +                  
          EventNonSMFIdent +      
          EventNonSMFLength +     
          Record_1500 +           
            )                        

 
