Sign up to save your podcasts
Or
Share Mainframe Security in Splunk: PropelZ SMF & RACF Feeds
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
Mainframe Security in Splunk: PropelZ SMF & RACF Feeds
How do you get IBM Z mainframe security data into Splunk without custom development? VirtualZ Computing CTO Vince Re explains how the PropelZ Splunk connector — part of VirtualZ's no-code tool for moving mainframe data to the cloud — streams SMF records, RACF logs, and console messages directly into an existing Splunk SOC, so the system processing your most sensitive data is no longer a blind spot.
Vince Re walks through why most mainframe-to-Splunk integration relies on batch processing and custom work, and how PropelZ delivers real-time streaming into existing Splunk deployments with no custom development, no specialized configuration, and no mainframe-specific expertise required on the security team's side.
In this episode of Skyward Data, the podcast from VirtualZ Computing:
- Why real-time SMF, RACF, and console data beats the batch processing legacy connectors depend on
- Out-of-the-box Splunk integration: structured data formatting and unified timeline correlation with the rest of your SOC
- Threat-detection scenarios this enables: privilege escalation monitoring, lateral movement analysis, and data exfiltration alerts
- Applying behavioral analysis and anomaly detection to mainframe security data alongside distributed systems
- Why integration measured in weeks, not months, matters for security operations
SMF (System Management Facilities) is the mainframe's audit and activity log; RACF is IBM's z/OS access-control and security package. PropelZ feeds both into Splunk with no code and no homegrown pipelines, and is proven at 56,000 records per second, mainframe to cloud. It's part of VirtualZ Computing's no-code portfolio for enterprise mainframe data, alongside Lozen (live in-place data access), FlowZ (cloud storage for backup and archive), and Zaac (cloud and SAN as native z/OS storage).
Topics: mainframe security monitoring, Splunk integration, SMF, RACF, IBM Z, z/OS, SOC, SIEM, threat detection, real-time data streaming, no-code data integration, hybrid cloud.
Listen to more Skyward Data episodes: https://virtualzcomputing.com/podcasts/
View all episodes
By VirtualZHow do you get IBM Z mainframe security data into Splunk without custom development? VirtualZ Computing CTO Vince Re explains how the PropelZ Splunk connector — part of VirtualZ's no-code tool for moving mainframe data to the cloud — streams SMF records, RACF logs, and console messages directly into an existing Splunk SOC, so the system processing your most sensitive data is no longer a blind spot.
Vince Re walks through why most mainframe-to-Splunk integration relies on batch processing and custom work, and how PropelZ delivers real-time streaming into existing Splunk deployments with no custom development, no specialized configuration, and no mainframe-specific expertise required on the security team's side.
In this episode of Skyward Data, the podcast from VirtualZ Computing:
- Why real-time SMF, RACF, and console data beats the batch processing legacy connectors depend on
- Out-of-the-box Splunk integration: structured data formatting and unified timeline correlation with the rest of your SOC
- Threat-detection scenarios this enables: privilege escalation monitoring, lateral movement analysis, and data exfiltration alerts
- Applying behavioral analysis and anomaly detection to mainframe security data alongside distributed systems
- Why integration measured in weeks, not months, matters for security operations
SMF (System Management Facilities) is the mainframe's audit and activity log; RACF is IBM's z/OS access-control and security package. PropelZ feeds both into Splunk with no code and no homegrown pipelines, and is proven at 56,000 records per second, mainframe to cloud. It's part of VirtualZ Computing's no-code portfolio for enterprise mainframe data, alongside Lozen (live in-place data access), FlowZ (cloud storage for backup and archive), and Zaac (cloud and SAN as native z/OS storage).
Topics: mainframe security monitoring, Splunk integration, SMF, RACF, IBM Z, z/OS, SOC, SIEM, threat detection, real-time data streaming, no-code data integration, hybrid cloud.
Listen to more Skyward Data episodes: https://virtualzcomputing.com/podcasts/