Dear Davin
Your screens show IBM i message for RSTLIB but NOT CRTSAVF. Can you see the system message after CRTSAVF? For a normal practice, you need to look at IBM i message that comes AFTER you run EVERY COMMAND to know if the command fails or succeeds. From your original post, I expect that your CRTSAVF QGPL/AJLIB should fail but you did not show system message for it. One good way to see system messages after you run every command is this
1) From IBM i command line, run CALL QCMD + enter + F10
2) Run whatever command you need to and it will appear up in the QCMD screen.
3) Check from the QCMD screen if you see any positive or negative message from IBM i AFTER the command you run in step 2 and repeat this process again for your next command you run.
I see that what happened in your case is that the file AJLIB already existed in library QGPL as a physical file (as opposed to a save file) as the result of your original FTP before you posted your original question. (When you FTP any thing to IBM i QSYS file system without the target object already existing, IBM i will create a physical file for the FTP target). I expect your CRTSAVF QGPL/AJLIB SHOULD FAIL but you did not capture the system message for me to see. Look at a sample I provide for you below and make sure you understand what you see in it that I try to portray your case (with CRTDUPOBJ, not FTP but this point is trivial). If not, ask me what you do not understand.
If you know DSPJOBLOG command, it is another choice you can use from non-QCMD screen.
So, you should delete all *FILE object named AJLIB from QGPL library (use WRKOBJ OBJ(QGPL/AJLIB) OBJTYPE(*FILE) and delete them all ) and then you run CRTSAVF QGPL/AJLIB again (and observe the message that follows - I expect it should succeed) and do the binary-mode FTP again.
Hope this helps.
------------------------------
Education is not the learning of facts but the training of the mind to think. -- Albert Einstein.
------------------------------
Satid S.
------------------------------
Original Message:
Sent: Wed May 17, 2023 04:40 AM
From: Davin Ardian
Subject: Collect IBM i logs and collect by IBM QRadar
Dear Satid,
We already tried using the new command but still error
------------------------------
Davin Ardian
Original Message:
Sent: Wed May 17, 2023 04:10 AM
From: Davin Ardian
Subject: Collect IBM i logs and collect by IBM QRadar
Dear Satid,
thank you for the information, ok we'll try it
------------------------------
Davin Ardian
Original Message:
Sent: Wed May 17, 2023 03:27 AM
From: Satid Singkorapoom
Subject: Collect IBM i logs and collect by IBM QRadar
Dear David
Unfortunately, the instruction you saw in that web page was INCORRECT in step 3. The command CRTSAVF QGPL/SAVF should actually be CRTSAVF QGPL/AJLIB. I have submitted a request to IBM for correction to step 3.
------------------------------
Education is not the learning of facts but the training of the mind to think. -- Albert Einstein.
------------------------------
Satid S.
Original Message:
Sent: Tue May 16, 2023 11:37 AM
From: Davin Ardian
Subject: Collect IBM i logs and collect by IBM QRadar
Hello Everyone,
Hope you are doing well, we are trying to collect IBM i logs to QRadar following this steps https://community.ibm.com/community/user/security/discussion/integrate-qradar-with-ibm-i but we stuck on step 5
Has anyone run into the same problem?
------------------------------
Davin Ardian
------------------------------