zERT Common Attributes

Use the zERT Summary Common Session Data attributes to monitor all zERT security sessions.

Origin Node The name of the managed system where the data is collected. It has the format:
<plexname>:<smfid>:MVSSYS.
<plexname> is the sysplex this LPAR resides in.
 <smfid> is the system's SMF identifier

System ID The SMF system ID. The format is a text string no longer than 4 characters.

TCPIP STC Name The jobname of the TCP/IP address space.

Sysplex Name The name of the sysplex that the monitored system is part of. The format is a text string no longer than 8 characters.

Collection Time The date and time of data collection.

User ID The z/OS user ID that opened and bound the socket associated with the security session.

Application Name The jobname associated with the application address space that opened and bound the socket associated with the security session.

IP Protocol The IP Protocol for the security session. The format is an unsigned integer that can have the following possible values:
6 - TCP
17 - UDP
Security Protocol The Security Protocol for the security session. The format is an unsigned integer that can have the following possible values:
0 - None
32 - IPSEC
64 - SSH
128 - TLS

Port Range Start The starting value for the server port range. The format is an unsigned integer.

Port Range End The ending value for the server port range. The format is an unsigned integer.

Client IP Address The client IP address. The format is a text string no longer than 45 characters. The IPV6 Session attribute indicates whether this is an IPV6 IP address or not.

Server IP Address The server IP address. The format is a text string no longer than 45 characters. The IPV6 Session attribute indicates whether this is an IPV6 IP address or not.

Session ID Session identifier that uniquely identifies a security session based on the server and client endpoints plus the significant security attributes for the session. The format is a text string no longer than 42 characters.

Total Connections The total number of connections for the life of the security session. The format is an unsigned integer.

Partial Connections The total number of partial connections for the life of the security session. The format is an unsigned integer.

Short Connections The total number of short connections for the life of the security session. The format is an unsigned integer.

Active Connections The total number of active connections for the life of the security session. The format is an unsigned integer.

Bytes Received The number of inbound bytes received in the security session for the most recent time interval. The format is an unsigned long long integer.

Bytes Sent The number of outbound bytes sent in the security session for the most recent time interval. The format is an unsigned long long integer.

Total Bytes Received The total number of inbound bytes received in the security session. The format is an unsigned long long integer.

Total Bytes Sent The total number of outbound bytes sent in the security session. The format is an unsigned long long integer.

Segs/DGs Received The number of TCP segments or UDP datagrams received in the security session for the most recent time interval. The format is an unsigned long long integer.

Segs/DGs Sent The number of TCP segments or UDP datagrams sent in the security session for the most recent time interval. The format is an unsigned long long integer.

Total Segs/DGs Received The total number of TCP segments or UDP datagrams received in the security session. The format is an unsigned long long integer.

Total Segs/DGs Sent The total number of TCP segments or UDP datagrams sent in the security session. The format is an unsigned long long integer.

Local Client Indication of whether the local socket for the security session is acting as the client. The format is an unsigned integer that can have the following possible values:
0 - NO
1 - YES
Local Server Indication of whether the local socket for the security session is acting as the server. The format is an unsigned integer that can have the following possible values:
0 - NO
1 - YES
Enterprise Extender Indication of whether the security session represents Enterprise Extender connections. The format is an unsigned integer that can have the following possible values:
0 - NO
1 - YES
AT-TLS Optimization Indication of whether AT-TLS optimization is enabled for the security session. The format is an unsigned integer that can have the following possible values:
0 - NO
1 - YES
IPV6 Session Indication of whether the security session uses IPV6 addresses. The format is an unsigned integer that can have the following possible values:
0 - NO
1 - YES
IPV4 Outbound Indication of whether the security session represents IPV4 outbound data connections that are established by the FTP server or FTP client. The format is an unsigned integer that can have the following possible values:
0 - NO
1 - YES