Configuration of Security - Universal Event Monitor Security

Overview

Universal Event Monitor access controls consist of the following profile types:

Remote Access profiles control Universal Event Monitor's access to remote systems.

Universal Event Monitor Remote Access Profile Format

The remote access profile controls Universal Event Monitor Manager's access to specific remote systems running Universal Agent. The remote system is identified by three elements:

  1. System's IP address
  2. Port number that the Manager uses to connect to a Universal Broker executing on the system
  3. User account specified from the UEM Manager, which is defined on the remote system

The Universal Event Monitor Manager identifies a remote system with the REMOTE_HOST and REMOTE_PORT configuration options, and the remote user account with the USER_ID configuration option.

The remote access profile has the following format:

UEM.Iipaddress.Pport.userid

The profile name is composed of the following fields.

| Field | Description |
| --- | --- |
| ipaddress | IP address of the remote host, in dotted-decimal notation, as identified by the REMOTE_HOST configuration option. The format of the IP address is four three-character numeric fields. Each field represents one number of the IP address. For example, IP address 256.10.2.123 is formatted as 256010002123. |
| port | Numeric port number on which Universal Broker is listening as identified by the REMOTE_PORT configuration option. The default Universal Broker port number is 7887. The format of the port number is a five-digit number. For example, port 7887 is formatted as 07887. |
| userid | ID of a remote user account, which was specified by the Manager with the USER_ID option. If the Universal Event Monitor Server is configured to not require a user ID, the value for this field is <BLANK>. The value userid is upper case. Some remote hosts may have case-sensitive user identifiers. All user identifiers specified on the Manager are translated to upper case for building the profile. |

Universal Event Monitor Security Profile Definition

This example illustrates sample RACF commands that can be used to define Universal Event Monitor security profiles and permit local user accounts access to those profiles. Refer to the IBM RACF documentation for complete details on RACF commands.

Example 1

Assume you wish to restrict Universal Event Monitor Manager for z/OS access to remote host 10.23.90.2. The following profile would restrict access to only those z/OS users who have read access to the profile UEM.I010023090002.*.*.

The following TSO commands define the required profile and permit access to TSO user TSO555.

RDEF $UNV (UEM.I010023090002.*.*) UACC(NONE)
PE UEM.I010023090002.*.* CLASS($UNV) ID(TSO555) ACCESS(READ)
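
The following is an added example, not part of the product or its documentation: it builds the profile name from REMOTE_HOST, REMOTE_PORT and USER_ID values using the field rules above, so an administrator can check which connections a planned profile covers. The function names and the user `appuser` are hypothetical, and `covers` treats `*` as exactly one qualifier, a simplification of RACF generic matching.

```python
import re

BLANK_USER = "<BLANK>"  # field value used when the Server requires no user ID


def uem_profile_name(remote_host, remote_port=7887, user_id=None):
    """Build UEM.Iipaddress.Pport.userid from Manager option values."""
    fields = remote_host.split(".")
    # Format check only: four numeric fields, each fitting three characters.
    if len(fields) != 4 or not all(re.fullmatch(r"[0-9]{1,3}", f) for f in fields):
        raise ValueError(f"not a dotted-decimal address: {remote_host!r}")
    port = int(remote_port)
    if not 0 < port <= 65535:
        raise ValueError(f"port out of range: {remote_port!r}")
    # Each address field is zero-padded to three characters, the port to five.
    ip_field = "".join(f.zfill(3) for f in fields)
    # User IDs are translated to upper case when the profile name is built.
    user_field = user_id.upper() if user_id else BLANK_USER
    return f"UEM.I{ip_field}.P{port:05d}.{user_field}"


def covers(generic_profile, profile_name):
    """Simplified check (assumption): '*' stands for exactly one qualifier."""
    pattern = generic_profile.split(".")
    name = profile_name.split(".")
    return len(pattern) == len(name) and all(
        p == "*" or p == n for p, n in zip(pattern, name)
    )


if __name__ == "__main__":
    # Constructed sample requests: (REMOTE_HOST, REMOTE_PORT, USER_ID)
    requests = [
        ("10.23.90.2", 7887, "appuser"),
        ("10.23.90.2", 7900, None),
        ("10.23.90.20", 7887, "appuser"),
    ]
    planned = "UEM.I010023090002.*.*"  # profile from Example 1
    for host, port, user in requests:
        name = uem_profile_name(host, port, user)
        print(f"{name:40} covered by {planned}: {covers(planned, name)}")
```

Because the address is zero-padded, 10.23.90.2 and 10.23.90.20 produce different qualifiers, so the Example 1 profile covers only the first.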