icon_CloudMgmt icon_DollarSign icon_Globe icon_ITAuto icon_ITOps icon_ITSMgmt icon_Mainframe icon_MyIT icon_Ribbon icon_Star icon_User icon_Users icon_VideoPlay icon_Workload icon_caution icon_close s-chevronLeft s-chevronRight s-chevronThinRight s-chevronThinRight s-chevronThinLeft s-chevronThinLeft s-trophy s-chevronDown

Let us know how we can help

Sales & Pricing

Speak to a rep about your business needs

Contact Sales

Help & Support

See our product support options

Contact Support

General inquiries and locations

Contact Us

BMC AMI Datastream for z/OS: Fundamentals Using (WBT)

For many large organizations, one or more IBM z/OS mainframes constitute a strategic capital investment for mission-critical applications, processes, and data. With security information and event management (SIEM) software platforms existing predominantly in distributed environments, the AMI Datastream for z/OS allows organizations to include mainframe event log data for a unified, multi-platform view of enterprise security event data in a single console. BMC AMI Datastream for z/OS is an agent program that you install and run on one or more LPARs to monitor system activity, collect process, and deliver SMF records, such as RACF, ACF2, Top Secret, TCP/IP, CICS, IMS, and other z/OS system and application events to your distributed SIEM in real-time.

In this course, the system programmers will learn in detail about the value of SIEM, the modify, start, and stop commands using the medium of engaging in self-paced web-based learning and guided simulations to better grasp concepts.

Contact an Education Advisor Pricing & Registration
Course Abstract

Major release:

BMC AMI Security

Good for:

System Programmers

Course Delivery:

Web Based Training (WBT) | 2 hours

Course Modules

  • Introduction to Datastream for z/OS
    • Introduction to BMC AMI Datastream for z/OS
    • Mainframe detection and responses
    • Understand SMF Records
    • Value for Command Center and ISV SIEM
    • Configuring Automated and Manual Responses
    • Difference between started tasks and batch jobs
    • Learn in detail about SMF Exits
    • IP Ports
    • Understand APF Authorization
    • ZIIP Enablement
  • Start and Stop Command
    • Understanding how to start the STCs
    • Learn about the Start Parameters
    • Startup Parms
    • Install startup parm
    • Understand the stop command
    • Stopping the STC
    • Stop Parameters
    • AMISSID parm
  • Modify Command
    • Understanding the modify command Understanding the
    • $$$ CZAPARMS
    • $$$SELCT
    • $$$CONSL
    • $$$SERVR
    • License keys
    • Display(OPTIONS)
  • Messages
    • Understanding messages
    • Understand STC syslog for any error messages
    • Maximum message size
    • Verify there are no new error messages in the Syslog
    • Understanding the message rates sent to all SIEMs
    • Maximum length of message in Datastream
    • Different message types
    • Multiple time formats in the Datastream Syslog
  • Tips and Tricks
    • Understanding Agent overhead (I/O, CPU, or memory
    • Analyzing HZS health check message
    • Value of the CZALDFIL utility
    • JCL ramifications of connecting simultaneously to multiple SIEMs
    • Understanding how the Datastream server communicates with the command center
    • Understanding the CZA0042I Message
    • Return codes
    • Refreshing the Datastream CZAPARMS parms