LogAgent Suite with File Integrity Monitoring (FIM) 

IBM i AS/400 loggingAlliance LogAgent Suite allows administrators automatically collect and transmit system security events.  With File Integrity Monitoring, admins can selectively monitor file integrity and change activity at the column of field level - without changing applications or user accounts.

 

Automatically collect and transmit system security events
Format security events into an open systems log format, and securely transmit them to a log server for consolidation with the security events from other servers in the Enterprise. (IBM Power Systems i, IBM System z Mainframe, Windows, Linux and UNIX).

Transmit to Leading SIEM Vendors
LogRhythm QRadar
RSA enVision Solutionary
SolarWinds Tripwire
Splunk ArcSite
Alert Logic Sentinal

Convert IBM i system logs to common syslog formats
File integrity events can be consolidated with System i security journal QAUDJRN, system operator message queue, and system history file QHST. Log entries are converted from the internal IBM format to either syslog format (RFC3164) or Common Event Format (CEF). Converted entries are then transmitted to a central log server or SIEM product for log collection, analysis, and alert management.

Feature-Packed Alliance LogAgent Suite
New tools like File Integrity Monitoring (FIM) allow administrators to selectively monitor configuration files and sensitive data change activity at the column or field level. Sensitive data in all types of applications can be monitored without changes to those programs, or changes to user accounts. IBM i security administrators can implement File Integrity Monitoring quickly with no disruption to on-going operations.

Features Unique to Alliance LogAgent Suite:

●    Monitor file read and/or change access by column
●    Monitor multiple columns in one database table
●    User white lists for table and column access
●    Detect and alert on changes to configuration files and sensitive data
●    Set floor and ceiling values for events
●    Optionally log hashed value of changed data
●    Query system log history for changed data
●    Route file integrity events to QAUDJRN or directly to SIEM application
●    Format security events to Syslog standard or Common Event Standard

High performance event handling
Alliance Log Agent can process multiple files simultaneously. This means that you can process the large number of events that are generated when System i security levels are at the highest settings.

Complete the short form to request a 30-day evaluation.