Skip to Content
Information
Space announcement This space provides the same content as before, but the organization of the home page has changed. The content is now organized based on logical branches instead of legacy book titles. We hope that the new structure will help you quickly find the content that you need.

Examples and scenarios

BMC AMI Datastream for IMS provides the extracted data to different Analytics tools such as SPLUNK, ELK, QRADAR where the data can be analyzed and used for different purposes like audit, security, DB health, and so on.

Analyzing extracted data using Splunk

The data is provided in JSON format and the events or extracted log record types can be identified easily by splitting the fields by each event in a row as shown in the following example:

datastrmims-new-1.jpg

Example - IMS log record types extracted by IMS

the following figure shows how you can create a dashboard to identify which IMS log record types have been extracted by IMS: 

datastrmims-new-2.jpg

Example - IMS security violations

The following figure shows how you can identify security data for IMS security violations by IMS log record type x’10’:

datastrmims-new-3.jpg


Example - Database access by usage of F8 log record types for DB read activity

The following figure shows how auditing the database access by the usage of F8 log record types for DB read activity looks on a pie chart. (This pie chart shows top ten databases that have been read):

datastrmims-new-4.jpg

Example - Database user access

The following figure shows a graph generated when there is a cross-reference between the database and the user that has accessed the database. This information algorithm can be useful to identify security issues or auditing information.

datastrmims-new-5.jpg

Example - Identifying database updates by x’50’ log record types

The following figure shows how BMC AMI Datastream for IMS can help you identify database updates by x’50’ log record types.

datastrmims-new-6.jpg

Example - Analyzing signon or signoff user data by x’16’ log record type

The following figure shows how BMC AMI Datastream for IMS can help you analyze signon or signoff user data by x’16’ log record type.

datastrmims-new-7.jpg

 

Analyzing extracted data using Elastic

As the data is provided in JSON format, the events can be sent to ELK and be analyzed from this tool (similar to SPLUNK) having the ability to create the dashboards to identify information useful to IMS.

Example - ELK events look similar to SPLUNK

datastrmims-new-8-1.jpg


Example of IMS database updates cross-referenced by transactions (IMS x’F8’ log records)

The following figure shows how you can cross-reference IMS database updates by transactions (IMS XF8 log records). BMC AMI Defender for IMS also identifies how many times the transactions have been having access to a specific database.

datastrmims-new-9.jpg


Example - IMS database reads cross-referenced by job names (IMS x’F8’ log records)

The following figure shows how you can cross-reference IMS database reads by job names (IMS x’F8’ log records).

datastrmims-new-10.jpg


Example - Identifying DB activity by specific LPAR

The following figure shows how you can verify verify the database usage or activity from different LPARs.

datastrmims-new-11.jpg


Example - Identifying performance issues

The following example shows how BMC AMI Datastream for IMS can identify date and time where the IMS system had more activity, analyze the usage of the IMS system and find out any possible performance issues:

datastrmims-new-12.jpg




 


 

Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*

BMC AMI Datastream for IMS 3.3.01