Automatic response process overview
BMC AMI Defender for z/OS can receive response requests from BMC AMI Command Center for Security (also called BMC Defender Server). Response requests can be sent manually (Manual Response SPE2101) or automatically through alerts (Automated Response). When an alert is received BMC AMI Defender can automatically perform certain actions, for example issue a Write To Operator (WTO) message or run REXX execs on specified LPARs in the sysplex.
To use automated response requests, perform the following tasks:
Task | Action | Reference |
|---|---|---|
Verify that the required applications and versions are installed | In addition to BMC AMI Defender version 6.1.00, you must also have BMC Defender Server version 6.1.00 installed. | |
Connect to BMC Defender Server | Configure a network forwarder and network listener on BMC Defender Server to forward alerts to BMC AMI Defender and receive confirmation in return once any actions are taken. | |
Specify an automated response to BMC Defender Server alerts | Use the AUTOALERT statement to define the appropriate response, for example running a REXX exec or issuing a WTO, for specific action codes received from BMC Defender Server. | |
Enable BMC AMI Defender alert automation | Switch on AUTOMATE in $$$CONFG to add the $$$AUTO member to CZAPARMS. You use $$$AUTO to configure both the AUTOMATE and AUTOALERT statements. | |
Issue the PARMS command | Send the new operating parameters to BMC AMI Defender to begin using alert automation. |
Related topic