
Secure System Logging

Alliance Log Agent for IBM i (AS/400)

Meet compliance regulations by collecting security system logs and transmitting them to a log collection server or any Security Information & Event Management (SIEM) solution.

Automatically collect and transmit system security events

Format security events into an open systems log format, and securely transmit them to a log server for consolidation with the security events from other servers in the enterprise (IBM Power Systems i, IBM System z Mainframe, Windows, Linux and UNIX).

 

Convert IBM i system logs to common syslog formats

Logs can be collected from the System i security journal QAUDJRN, system operator message queue, and system history file QHST. Log entries are converted from the internal IBM format to either syslog format (RFC3164) or Common Event Format (CEF). Converted entries are then transmitted to a central log server or SIEM product for log collection, analysis, and alert management.

 

High performance event handling

Alliance Log Agent can process more than 800 log entries per second. This means that you can process the large number of events that are generated when System i security levels are at the highest settings.

 

Security events reported to leading SIEM companies

Dell SecureWorks
LogRhythm
LogLogic
Solutionary
SolarWinds
Splunk
Tripwire
Symantec
Sensage
S21sec
Tango/04
eIQnetworks
Tier-3
McAfee (NitroSecurity)
HP (ArcSight)
Sentinel
Alert Logic
NetIQ (Novell)
RSA enVision
IBM (Q1 Labs)
Tenable Network Security
Prism Microsystems
CorreLog
Trustwave
AlienVault
And many others...

 

Need even more advanced logging tools?

Check out Alliance LogAgent Suite. It has all the features of Alliance LogAgent, but with additional tools that let administrators selectively monitor data access and change activity at the column or field level, without changing applications or user accounts.

 

Supported SIEM Solutions

Compatible with any SIEM solution using syslog, including: Symantec, ArcSight, LogRhythm, Tripwire, LogLogic LX, Alert Logic, Novell Sentinel

APIs

Supports direct user application QAUDJRN entries

Commands to send syslog and Common Event Format (CEF) messages

Bindable service program for syslog message creation

Bindable service program for ArcSight CEF message creation

System Requirements

IBM i OS/400 or i5/OS V5R2 or later