How can I distribute the reports requested by NetIQ Vulnerability Manager to another iSeries server? (NETIQKB52345)

  • 7752345
  • 02-Feb-2007
  • 22-May-2007

Resolution

goal
How can I distribute the reports requested by NetIQ Vulnerability Manager to another iSeries server?

goal
How do I distribute SAR reports?

goal
How do I configure PSDetect to distribute iSeries spooled files for VM reports?

goal
Can I set up the iSeries to distribute spooled files for VM reports automatically?

fact
NetIQ Vulnerability Manager 5.0

fact
NetIQ Vulnerability Manager 5.5

fact
NetIQ Security Solutions for iSeries 8.0

fact
VigilEnt Security Agent for iSeries 7.5

fix

By default, the iSeries spooled files for Vulnerability Manager reports are retained on the iSeries server.  To distribute these spooled files, use PSDetect or another tool that reacts to messages in QHST, such as message ID CPF1164 (job end).

NetIQ Technical Support provides source code for a program that distributes the spooled file for each Vulnerability Manager report run on the iSeries server. Review the source code and modify it to suit your needs. The program conditionally uses SNDTCPSPLF (LPR) or SNDNETSPLF (SNADS) to distribute reports. You can configure NetIQ PSDetect to submit the program upon completion of each Vulnerability Manager report on the iSeries server. You can download the file containing the source code from https://download.netiq.com/kb/files/SARRPTDSTC.txt.

Please note this code is provided "as is," but it has been tested by Technical Support and it works.

  1. Save the source code file to the root of your PC's local drive.
  2. Copy the file from the PC to the iSeries using FTP:
    1. On the PC, on a command line, type the following command:

      FTP SystemName

      where SystemName is the iSeries server name or iSeries IP address.

    2. Type the password at the FTP prompt and press Enter.
    3. Type the following FTP commands:

      put c:\SARRPTDSTC.txt  QGPL/QCLSRC.SARRPTDSTC

      quit

  3. On the iSeries, on a command line, run the following commands:

    CHGPFM FILE(QGPL/QCLSRC) MBR(SARRPTDSTC) SRCTYPE(CLP) TEXT('Distribute SAR reports')

    CRTPF QTEMP/SPLFLIST RCDLEN(132)

    CRTCLPGM QGPL/SARRPTDSTC QGPL/QCLSRC

  4. Configure PSDetect to submit the program upon completion of each Vulnerability Manager report on the iSeries server:

    1. From the PSDetect menu, select option 3 (Work With Alert Filters).
    2. Select the Alert Queue QHST with option 5 (=Work with Filters) and press Enter.
    3. Press F6 (=Create) to add a new filter.
    4. Specify the Filter sequence and Filter description (?Job ended:PSEREPORT,CPF1164?) and press Enter.
    5. Specify Message ID CPF1164 and press Enter.
    6. Specify Edit Compare Data = Y and press Enter.
    7. Specify Variable Number &1 and Equal to Compare Data = PSEREPORT and &2 = PSOBJOWNS and press Enter.
    8. Specify Action = COMMAND and press Enter.
    9. In the Command Action window, specify Command to Execute:  SBMJOB CMD(CALL PGM(QGPL/SARRPTDSTC) PARM('$JOBNAME' '$USRNAME' '$JOBNBR'  ' '  'remote-system' '*LIBL/QPRINT')) JOB(SARRPTDSTC) JOBD(PSCOMMON/PSJOBD) JOBQ(QGPL/QBATCH) INLLIBL(*JOBD) CURLIB(*CRTDFT) LOG(0 99 *NOLIST) LOGCLPGM(*NO)
    10. Press Enter, then F3(=Exit).

    If the PSDetect subsystem (ZPSD) is active and the Vulnerability Manager report completes normally on the iSeries server, the program distributes the resulting report spooled file accordingly.



Additional Information

Formerly known as NETIQKB52345