Space banner This space provides the same content as before, but the organization of the home page has changed. The content is now organized based on logical branches instead of legacy book titles. We hope that the new structure will help you quickly find the content that you need.

Security and SIEM data

Session Monitor can be configured to deliver Security Incident and Event Management (SIEM) data to analytics and repor* How to establish a SIEM destination.ting tools, such as Splunk®.

This section explains:

  • How to establish a SIEM destination.
  • How to configure Splunk to receive Session Monitor SIEM data.
  • How to create and edit a SIEM user exit for 3270 data.
  • How to refine SIEM data.

The purpose of SIEM data refinement is to reduce, augment, and/or obfuscate data being sent to a SIEM tool. This gives a SIEM archive record request the ability to control the data being sent.

This section provides information about the following topics:

 

Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*