Limited supportBMC provides limited support for this version of the product. As a result, BMC no longer accepts comments in this space. If you encounter problems with the product version or the space, contact BMC Support.BMC recommends upgrading to the latest version of the product. To see documentation for that version, see BMC AMI Datastream for z/OS 7.1.

AUTOMATE statement

The AUTOMATE statement enables and disables alert automation within BMC AMI Defender.

(SPE2010) Enabling AUTOMATE creates an Extended Multiple Console Support (EMCS) console, which can issue commands and return responses to the caller. Refer to the IBM Knowledge Center for more information about EMCS consoles.

The AUTOMATE statement is in the $$$AUTO member.

Important

You can modify the $$$AUTO member in the amihlq.CZAGENT.PARM data set.

$$$AUTO is included in CZAPARMS if the AUTOMATE switch setting in $$$CONFG is on.

Using AUTOMATE

You can define only one AUTOMATE statement. The following are examples of how you configure the AUTOMATE statement:

AUTOMATE_statement_SPE2101.png

Sample from $$$AUTO

AUTOMATE +
  PORT(49252) +                      ; Dynamic Port Number
  TCPIPSTACK(TCPIP) +                ; TCP/IP Stack Name
  TLS(OPTIONAL) +                    ; TLS(REQUIRED | OPTIONAL)
  THREADS(10) +                      ; Number of REXX threads 1-50
  TIMEOUT(10) +                      ; Number of seconds until timeout
  ENABLE +                           ; Enable AUTOMATE
; DISABLE +                          ; Disable AUTOMATE
  DESCRIPTION('Alert Automation')

Statement parameters

AUTOMATE uses the following parameters:

Parameter

Description

PORT(assignedListenerPort)

Port number of the alert notfication receiver

The port used by BMC AMI Command Center for Security to notify BMC AMI Defender of identified alerts.

TCPIPSTACK(tcpipStack)

TCP/IP stack name

Name of the TCP/IP stack used for network TCP/IP communications. Check with your z/OS administrator for this name.

TLS(REQUIRED|OPTIONAL)

Binary option to require or not AT-TLS support

  • To indicate that the connection only can use a TCP/TLS communication protocol, use REQUIRED.
  • To indicate that the connection can use either a TCP or TCP/TLS communication protocol, use OPTIONAL.

If you omit TLS, the default value OPTIONAL is used.

THREADS(REXXExecThreads)

Number of REXX exec threads to create

For use with XAPIID(LOCAL) only. Indicate the number of REXX exec threads (1–50) for BMC AMI Defender to create. Each thread runs one automation alert. For systems that require more concurrent automation alerts, increase this value.

If you omit THREADS, the default value 10 is used.

If you specify a value of 0 for THREADS, the default value 1 is used.

TIMEOUT(numberOfSeconds)

(SPE2101)


Number of seconds to wait

For use with XAPIID(LOCAL) only. Indicate the number of seconds, from 1 to 999,999, to wait for the alert to be scheduled by BMC AMI Defender. If you never want an alert to time out, enter 0 (zero).

This option is useful if you have a low number of THREADS or a spike in automated alerts.

If you omit TIMEOUT, the default value 10 is used.

ENABLE|DISABLE

Enable or disable alert automation

If you omit this parameter, the default value ENABLE is used.

DESCRIPTION(‘automateTaskDesc’)

A 1–40 character string

You must enclose the string in single quotation marks ( ). It can be any meaningful description of the automation task. For example, you might want to use a description that distinguishes test automation from production alert automation.

AUTOMATE_statement_SPE2010.png

Sample from $$$AUTO

AUTOMATE +
  PORT(49252) +                      ; Dynamic Port Number
  TCPIPSTACK(TCPIP) +                ; TCP/IP Stack Name
  TLS(OPTIONAL) +                    ; TLS(REQUIRED | OPTIONAL)
  THREADS(10) +                      ; Number of REXX threads 1-50
  ENABLE +                           ; Enable AUTOMATE
; DISABLE +                          ; Disable AUTOMATE
  XAPIID(LOCAL) +                   ; BMC Enterprise Connector XAPIID
  APPNAME(AMIZOS) +                  ; BMC Active Ent. Connector App.
  DESCRIPTION('Alert Automation')

Statement parameters

AUTOMATE uses the following parameters:

Parameter

Description

PORT(assignedListenerPort)

Port number of the alert notfication receiver

The port used by BMC AMI Command Center for Security to notify BMC AMI Defender of identified alerts.

TCPIPSTACK(tcpipStack)

TCP/IP stack name

Name of the TCP/IP stack used for network TCP/IP communications. Check with your z/OS administrator for this name.

TLS(REQUIRED|OPTIONAL)

Binary option to require or not AT-TLS support

  • Use REQUIRED to indicate that the connection only can use a TCP/TLS communication protocol.
  • Use OPTIONAL to indicate that the connection can use either a TCP or TCP/TLS communication protocol.

If you omit TLS, the default value OPTIONAL is used.

THREADS(REXXExecThreads)

Number of REXX exec threads to create

For use with XAPIID(LOCAL) only. Indicate the number of REXX exec threads (1–50) for BMC AMI Defender to create. Each thread runs one automation alert. For systems that require more concurrent automation alerts, increase this value.

If you omit THREADS, the default value 10 is used.

If you specify a value of 0 for THREADS, the default value 1 is used.

ENABLE|DISABLE

Enable or disable alert automation

If you omit this parameter, the default value ENABLE is used.

XAPIID(LOCAL|enterpriseConnectID)

Application to use for handling alert automation

  • Use LOCAL to specify that BMC AMI Defender will handle the alerts.

  • Use enterpriseConnectID to specify the unique identifier of the BMC AMI Defender AMIZOS Automated Response (AR) plug-in that you want to use to handle the alerts. This parameter must match the XAPIID parameter defined in the Resident Security Server configuration member for the AMIZOS AR plug-in.

    Warning

    This parameter must not match the RSSID parameter defined in the started task procedures for 

    Resident Security Server

     and the 

    Resident Security Server

     TSO address spaces. If the values are the same, the connection fails and the automated response is disabled.
     For more information about RSSID, see The enterpriseConnector Identifier in the BMC AMI Enterprise Connector Installation Guide

     .

If you omit this parameter, the default value LOCAL is used.

APPNAME(enterpriseConnectName)

Name of the activated application required for the Alert Automation functionality, in this case AMIZOS

Do not change this value unless specifically instructed to do so by BMC support personnel.

DESCRIPTION(‘automateTaskDesc’)

A 1–40 character string

You must enclose the string in single quotation marks ( ). It can be any meaningful description of the automation task. For example, you might want to use a description that distinguishes test automation from production alert automation.

AUTOMATE_statement_6.1.png

Sample from $$$AUTO

AUTOMATE +
   PORT(49252) +                      ; Dynamic Port Number
   TCPIPSTACK(TCPIP) +                ; TCP/IP Stack Name
   TLS(OPTIONAL)                      ; TLS(REQUIRED | OPTIONAL)
   THREADS(1) +                       ; 0=Disable 1=Enable
   XAPIID(AMIZOS) +                   ; BMC Enterprise Connector XAPIID
   APPNAME(AMIZOS) +                  ; BMC Active Ent. Connector App.
   DESCRIPTION('AMI Defender Alert Automation')

Statement parameters

AUTOMATE uses the following parameters:

Parameter

Description

PORT(assignedListenerPort)

Port number of the alert notfication receiver

The port used by BMC AMI Command Center for Security to notify BMC AMI Defender of identified alerts.

TCPIPSTACK(tcpipStack)

TCP/IP stack name

Name of the TCP/IP stack used for network TCP/IP communications. Check with your z/OS administrator for this name.

TLS(REQUIRED|OPTIONAL)

Binary option to require or not AT-TLS support

  • Use REQUIRED to indicate that the connection only can use a TCP/TLS communication protocol.
  • Use OPTIONAL to indicate that the connection can use either a TCP or TCP/TLS communication protocol.

If you omit TLS, the default value OPTIONAL is used.

THREADS(0|1)

Binary option to enable or disable automatic alerts

Enter 0 to disable or one 1 to enable the Alert Automation interface.

XAPIID(enterpriseConnectID)

Unique identifier of the BMC AMI Defender AMIZOS Automated Response (AR) plug-in used for communication with BMC AMI Defender

This parameter must match the XAPIID parameter defined in the Resident Security Server configuration member global statement for the AMIZOS AR plug-in.

Warning

This parameter must not match the RSSID parameter defined in the started task procedures for Resident Security Server and the Resident Security Server TSO address spaces. If the values are the same, the connection fails and the automated response is disabled.

For more information about RSSID, see The enterpriseConnector Identifier in the BMC AMI Enterprise Connector Installation Guide .

APPNAME(enterpriseConnectName)

Name of the activated application required for the Alert Automation functionality, in this case AMIZOS

Do not change this value unless specifically instructed to do so by BMC support personnel.

DESCRIPTION(‘automateTaskDesc’)

A 1–40 character string

You must enclose the string in single quotation marks ( ). It can be any meaningful description of the automation task. For example, you might want to use a description that distinguishes test automation from production alert automation.

Related topics

Parameter-file-statements

AUTOALERT-statement

Automatic-response-process-overview

 

Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*