Home
Configuring Ironstream Hub
Describes the configuration files and locations and details out the process of configuring hub to ibm i/ibm z agents.
Configuring Hub for IBM z
This section describes the process to configure Hub for an IBM Z Agent.
Data Source Files
Data source configuration files are defined in the source subdirectory of the Configuration Directory. Each Source Connection needs a separate file in this folder.
Process Files
Process configuration files are defined in files held in the process subdirectory of the Configuration Directory.
Splunk Metadata
The Splunk Metadata process is used to add metadata when sending data to Splunk using a TCP/IP client. This metadata controls Splunk’s indexing process.

Introduction to Ironstream Hub
Introduction to Ironstream Hub and related concepts.
Configuring Ironstream Hub
Describes the configuration files and locations and details out the process of configuring hub to ibm i/ibm z agents.
- Configuration Concepts
- Configuring Hub for IBM i
  This section describes how to use the Configuration Tool to configure connections to IBM i LPARs and collections from IBM i Agents.
- Configuring Hub for IBM z
  This section describes the process to configure Hub for an IBM Z Agent.
  - Configuration of the Ironstream for IBM Z Agent
    When using Ironstream for IBM Z as a data source, it can be configured with four different target options TARGET – “GENERIC”, “KAFKA”, “SPLUNK”, or “ELASTIC”.
  - Configuring an Ironstream for IBM Z Pipeline
    Hub uses configuration files to establish the required source connections, processes and target connections for data being transmitted via a TCP/IP connection from a z/OS system.
  - Case Sensitivity
    The Hub configuration files consist of JSON, that is, sets of key/value pairs. The case sensitivity rules are as follows:
  - Data Source Files
    Data source configuration files are defined in the source subdirectory of the Configuration Directory. Each Source Connection needs a separate file in this folder.
    - Example Data Source
      An example of a Data Source configuration file:
    - Process Files
      Process configuration files are defined in files held in the process subdirectory of the Configuration Directory.
      - Simple String Filters
        The Simple String Filter tests a record to see whether a specified substring occurs at any place within the body of the record. If a positive match is found, then the filter will forward the data to the next element in the pipeline.
      - REGEX Filters
      - JSONPath Expression Filters
      - Splunk Metadata
        The Splunk Metadata process is used to add metadata when sending data to Splunk using a TCP/IP client. This metadata controls Splunk’s indexing process.
      - JSON to CSV Converter
        The JSON to CSV Converter process will convert JSON data to CSV format. One very useful feature of this process is that it reduces the volume of the data that is output to a target. Users of Splunk may want to output a CSV to a file target, then use the Universal Forwarder to send that data on to Splunk.
      - JSON Property Injector
        The JSON property injector process allows the creation of new key/value pairs in the output JSON record. You can inject one or more key/value pairs using this process as described here.
      - JSON Property Concatenator
        This process allows you to join two or more values from JSON key/value pairs and add the resulting value, with a name of your choice, into JSON records.
      - Payload Wrapper
        This process allows you to batch JSON records and include one or more fixed JSON key/value pairs along with other data. The purpose of this process is twofold. One is to enable the sending of data in batches as a single 'payload', rather than individual records. The other is to allow the incorporation of information in a user-chosen location within that batch, which may be necessary to support data destined for specific targets. The records in any given batch replace the mandatory <<PAYLOAD>> string.
      - JSON Threshold Alerter
        This process allows you to pass on only those JSON records that breach a user-defined numeric threshold. You can delay sending continual threshold breaches for a number of seconds by setting an optional parameter to a value greater than zero.
    - Data Target Files
      Data Targets configuration files are defined in the target subdirectory of the Configuration Directory.
Configuring Forwarders
Describes configurations required to enable hub to forward data to different targets.
Monitoring the Hub System
Identifies the real time metrics logged by Ironstream Hub.
Hub Command-line Application
Describes the commands available in the Hub Command-line application to perform local actions and receive information.
Troubleshooting Hub
Provides resolutions to your most frequent queries while using Ironstream Hub.
Appendices
Reference information
Notices
Copyright 2022, 2022 Precisely

Splunk Metadata

The Splunk Metadata process is used to add metadata when sending data to Splunk using a TCP/IP client. This metadata controls Splunk’s indexing process.

If ProcessType is set to SplunkMetaData, a parent field named SplunkMetaDataConfiguration must be populated with these Mandatory fields:


Fields	Description	Valid Values
SourceType	The value with which to set the source type default field in Splunk.
Source	The value with which to set the source default field in Splunk.
Index	The index that will receive the data.

Example Splunk Metadata Process File

An example of a Process configuration file that adds Splunk meta data and sends the results to a Target. The records will be sent to the “smf030” index with the Splunk default fields source type and source being added to each record with the values “SyncsortMF” and “mainframe” respectively.

{
  "Name": "SMF030SplunkMetadata",
  "Id": "4b205b49-970b-4e84-ad13-28c0ffdf7be3",
  "SplunkMetaDataConfiguration": {
    "SourceType": "SyncsortMF",
    "Source": "mainframe",
    "index": "smf030",
  },
  "ProcessType": "SplunkMetaData"
}