All of your system activity should be fully logged and supported by robust reporting and alerting capabilities. This allows you complete visibility to all actions performed by system users and the ability to detect unauthorized or inappropriate activity.
Real-time alerts and scheduled reports
Rocket® Servergraph consolidates logs from all your backup applications for effective, centralized management. Real-time alerts and reports can be scheduled for automated delivery to reviewers. These reports can include backup job status notifications, as well as server health monitoring. Configurable reports allow you to define the specific activities and thresholds that generate notifications, from backup errors to disk space alerts, and the automated distribution ensures that your monitoring controls over these issues are coordinated efficiently.
Servergraph archives every kind of log for as long as you need them. The retention period is configurable for any duration. This ensures that all historical evidence will be available to you when requested by an auditor or examiner—which often requires looking back a year or more.
Servergraph logs also show user activity within the application, such as logins and changes to traps or reporting configuration.
Complete logging functionality throughout development projects
Rocket® DevOps Lifecycle Manager utilizes logging functionality throughout development projects, as well as within the administration of the ALM application itself.
Preloaded report templates are available to cover all your audit, examination, and security control requirements. Reports that are commonly used for security and compliance include detailed user account lists with their associated access rights for each release, permissions defined within custom roles, and a log of changes made to any user access rights or role-based permissions over a period of time. These logs can be generated independently by a reviewer with appropriately restricted, read-only rights to maintain segregation of duties.
All development activities are similarly logged, including code check-outs and check-ins, migrations, reviews, and approvals. These detailed reports provide you with an end-to-end record of every development action so you can monitor the operating effectiveness of your change controls, and provide everything you need to satisfy your auditors and examiners.
Monitor all API calls and deployments
Rocket® API logging functionality allows you to record the full details of every API call performed through the system, showing the user accessing the function, the data being accessed, values being read or written, and associated metadata. This detailed log enables you to report on all types of access to sensitive data—a critical component of many data security regulations.
In addition to API calls to your mainframe, Rocket Access and Connectivity Hub (RACH) audit logging records all user activity within the application, including uploading and deployment of compiled APIs as well as administration of the application itself, providing individual accountability for all access and activity.
Securely record and report all Mainstar and OpenTech activity on the host system
All actions performed in an IBM z environment through Rocket Mainstar and OpenTech are recorded within the Resource Access Control Facility (RACF) and traceable to the individual users executing the functions. Changes to access rights within the Security Authorization Facility (SAF) that could affect the operations of Mainstar and OpenTech users are also recorded. This ensures an audit trail for any actions that could affect the availability and integrity of your data, and which is integrated into your host system logs for ease of maintenance. The System Management Facility (SMF) provides a method for securely recording and reporting on administrative activities.
Enable native logging and monitoring within your host environment
Rocket® BlueZone provides a remote interface for your terminal users to your host system, and the built-in logging mechanisms inherent to your host system record all activities initiated through BlueZone sessions. There is no need to maintain a separate log management function specifically for BlueZone–it is all documented in your existing logs and reports.