Hello,
We have IBM VIOS servers running AIX and we need to monitor them, mainly in terms of security.
Does anyone have experience with that? Did you install a Splunk Universal Forwarder or are you sending data out via syslog?
Thanks a lot,
Edoardo
Hi @edoardo_vicendo, as per my understanding, AIX should be fine to install a UF and pull logs.
As this post is from 2019 and it also suggests the UF installation procedure of .TAR file..
So, I would suggest you have a test box with AIX with IBM VIOS, install the UF through the .tar format and try to send out security logs. It should be fine; it may give some issues, but it should not trouble you much.
If these things didn't work out, then syslog is your friend (ours as well).
Best regards,
Sekar
Hi
As VIOS is a special kind of appliance-type AIX instance, I also suppose @tscroggins' way of using syslog is a standard way to get those events out of it. Installing anything other than what IBM has approved on this instance will probably break it later (e.g. in an update), and then you need to rebuild it and hope that this hasn't generated too many issues for the real AIX instances on those boxes.
r. Ismo
In past environments, I did not install the UF on VIOS partitions; however, your IBM and Splunk sales engineers may have suggestions. I had the convenience of the Tivoli suite for infrastructure monitoring. You may need to engage IBM support to configure syslog forwarding in a "supported" manner. As an IBM customer, I'm sure you're familiar with the machinations necessary to keep Big Blue happy. 😉