Dear Kevin, Thank you very much for your time and effort to help me find useful tools for log analysis. I appreciate your detailed and informative response. I will try each of the tools you suggested and see which one works best for me.
By the way, I have a question about IBM Z Operational Log Analytics and IBM Z Anomaly Analytics with Watson. Are these tools free or do they require a license fee? How can I get access to them if I want to try them out? Thanks a lot! Jason Cai ====================================== Found it. The tool that should do what you want, with a bit of figuring out the syntax of the JCL, is https://github.com/IBM/IBM-Z-zOS/tree/main/zOS-Tools-and-Toys/msglg610. Among other things, given a syslog, it will print out the number of times each message ID appears in the syslog. Note that this is provided with absolutely no support or warranty or anything else from IBM. And I would urge you to look at one of the other log monitoring tools, so you’re not having to do all the monitoring / analysis yourself. -- Kevin McKenzie External Phone: 845-435-8282, Tie-line: 8-295-8282 z/OS Test Services - Test Architect, Provisioning z/OS Hardware/Software Interlock From: IBM Mainframe Discussion List <IBM-MAIN@LISTSERV.UA.EDU> on behalf of Kevin Mckenzie <kmcke...@us.ibm.com> Date: Thursday, July 27, 2023 at 12:12 PM To: IBM-MAIN@LISTSERV.UA.EDU <IBM-MAIN@LISTSERV.UA.EDU> Subject: [EXTERNAL] Re: Inquiry about extracting and counting msgid from operlog using sort program Hi, Jason. If all you’re looking to do is summarize log data, I can give you some options, at least. There was/is a tool that Kevin Kelley, since retired, wrote to help clients do log analysis that would do exactly what you want, on platform, in batch; I’m trying to find it again. It was available on testcase.boulder.ibm.com, and may well still be there in some subdirectory; I’ll spend a bit of time searching for it again. Links to it have apparently been lost. I believe it was mentioned in some Redbooks as well. If I can find it, I’ll put it in the z/OS github repository. It was intended to help clients do message suppression and the like. I have a python library, zoslogs (https://pypi.org/project/zoslogs/ ), that I built to do very basic log parsing. So if you wanted to, you could use it as a basis for something like what you’re trying to do; you at least wouldn’t have to worry about doing the initial parsing yourself. There are some tools that might give you an easier interface to gather the syslog data, such as the z Common Data Provider, or the z/OSMF REST API. I believe zoau does something similar. There are also things like IBM Z Operational Log Analytics and IBM Z Anomaly Analytics with Watson that will do realtime/almost realtime analysis of the logs for you, and try to warn you about potential issues. As others said, however, I don’t think using something like DFSORT will meet your needs, without a lot of work. At the least I’d suggest using a pre-processing tool to handle the initial log parsing before you sort/summarize the data. -- Kevin McKenzie External Phone: 845-435-8282, Tie-line: 8-295-8282 z/OS Test Services - Test Architect, Provisioning z/OS Hardware/Software Interlock ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN