Automatic response process overview

Z/OS ONLY

BMC AMI Datastream for z/OS can receive response requests from BMC AMI Command Center for Security (also called BMC Defender Server). Response requests can be sent manually or automatically through alerts (Automated Response). When an alert is received BMC AMI Datastream can automatically perform certain actions, for example issue a write-to-operator (WTO) message or run REXX execs on specified LPARs in the sysplex.

Related topics

Customizing-after-installation

Sample-CZAGENT-JCL-for-running-BMC-AMI-Datastream-as-a-started-task

To use automated response requests, perform the following tasks:

Task

Action

Reference

Verify that the required applications and versions are installed

In addition to BMC AMI Datastream version 7.1.00, you must also have BMC Defender Server version 6.2.00 installed.

Connect to BMC Defender Server

Configure a network forwarder and network listener on BMC Defender Server to forward alerts to BMC AMI Datastream and receive confirmation in return once any actions are taken.

Specify an automated response to BMC Defender Server alerts

Use the AUTOALERT statement to define the appropriate response, for example running a REXX exec or issuing a WTO, for specific action codes received from BMC Defender Server.

Enable BMC AMI Datastream alert automation

Switch on AUTOMATE in $$$CONFG to add the $$$AUTO member to CZAPARMS. You use $$$AUTO to configure both the AUTOMATE and AUTOALERT statements.

Issue the PARMS command

Send the new operating parameters to BMC AMI Datastream to begin using alert automation.

 

Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*