CLIP is a BS2000 software that facilitates the consolidation and storage of logs from multiple BS2000 systems, such as in a SIEM system.
It contains two main parts:
- CLIP Subsystem
- TU Batch job
CLIP Subsystem
CLIP is initially provided with BS2000 V21.0B, system has been updated to transmit (initially, as the first step) SATCP events to the CLIP Subsystem. Further subsystems support will be implemented in future versions.
The CLIP subsystem transmits data to an unprivileged batch task through the FITC channel.
CLIP Batch job
Whenever the CLIP TU batch job receives a message from the subsystem via the FITC channel, it proceeds to parse it into Syslog format. If the parsing is successful, an appropriate message is sent using the configured TCP socket to a Linux machine that has a running rsyslog daemon. The data is then filtered according to the configuration and stored in the Linux server system logs.
