A log forwarder for the IBM Z HMC
Project description
A log forwarder for the IBM Z HMC
Overview
The zhmc-log-forwarder package provides a log forwarder for the IBM Z HMC, written in pure Python.
It contains a command named zhmc_log_forwarder that collects security logs and audit logs from the Z HMC and forwards the log entries to various destinations, such as stdout, the local syslog, or a QRadar service.
The command can gather log entries from the past, since a specified date and time, or since specific points such as now or all available entries. The command can in addition subscribe for notifications from the HMC about new log entries, so that it can wait for any future log entries to appear.
A short overview presentation is here: IBM_Z_HMC_Log_Forwarder.pdf.
Installation
Because the zhmc_log_forwarder package is not on Pypi yet, it needs to be installed directly from its Git repo:
$ pip install git+https://github.ibm.com/zhmcclient/zhmc-log-forwarder.git@VERSION#egg=zhmc-log-forwarder
where VERSION needs to be replaced with the package version or branch name you want to install. For example, to install the version from the master branch, issue:
$ pip install git+https://github.ibm.com/zhmcclient/zhmc-log-forwarder.git@master#egg=zhmc-log-forwarder
This will install the package and all of its prerequisite packages into your current Python environment.
It is recommended to use a virtual Python environment, in order not to clutter up your system Python.
Quickstart
Make sure you installed the zhmc_log_forwarder package (see the previous section).
Create a config file for the zhmc_log_forwarder command. The config file specifies the targeted HMC, the desired destination for the logs, and other data.
An example config file with explanations of the parameters is shown when invoking:
$ zhmc_log_forwarder --help-config-file
Redirect that output into a file and edit that file as needed.
Optional: The zhmc_log_forwarder package includes a default HMC log message file. That file is used when generating CADF output format and defines how the HMC log messages are classified in the CADF output. It is possible to specify your own HMC log message file using the log_message_file parameter in the config file. When omitting this parameter, or when setting it to null, the default HMC log message file included with the zhmc_log_forwarder package is used.
An example HMC log message file explaining its format is shown when invoking:
$ zhmc_log_forwarder --help-log-message-file
Start the zhmc_log_forwarder command as follows:
$ zhmc_log_forwarder -c CONFIGFILE
Where CONFIGFILE is the file path of the created config file.
The command will run forever (or until stopped with Ctrl-C) and will forward the log records as specified in the config file.
Note that neither installation nor usage of the zhmc_log_forwarder command requires cloning this Github repo or being in a specific directory.
License
The zhmc-log-forwarder package is licensed under the Apache 2.0 License.
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Hashes for zhmc-log-forwarder-0.10.0.tar.gz
Algorithm | Hash digest | |
---|---|---|
SHA256 | 354805c25e824c5e28bc290ff832130c00f3733f5b5c780f0983fedaa0aa341a |
|
MD5 | 2559996120c2ac5db79843e12689f40f |
|
BLAKE2b-256 | d667a994ac57c942b1ce5a69d6a242665e822874690e01c0082dc81abc016e84 |
Hashes for zhmc_log_forwarder-0.10.0-py2.py3-none-any.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | fdb37479723bd5194c19415c3ea7a6f2c21bb4d1c61d61b4f0549c32042636d6 |
|
MD5 | d3aec8cedfaf44cdd27c3d81750d3b4c |
|
BLAKE2b-256 | 298bd7cb19d4d4feb7729eac45ac003f700f830f95a637e025e22d2ee4385a2d |