Compliance, SIEM & Log Management

CorreLog File Integrity Monitor

 

 


 

Our File Integrity Monitor (FIM) agent scans files on your Windows and UNIX systems, periodically checking for unauthorized changes, and automatically issuing alerts when files are added, deleted, or modified. This interoperable agent works with all Syslog capable managers, and has specific remote configuration functions that work with CorreLog to provide proactive system security.

Overview

The CorreLog FIM is designed to support enterprise security requirements with special regard to PCI/DSS (as well as other) security guidelines. This simple to use program also has direct application in performance management (such as with regard to monitoring Windows Prefetch files) as well as asset and configuration management.

 


CorreLog Secure Syslog Forwarder

The CorreLog Secure Syslog Forwarder (SSF) is a concentrator and forwarder for Syslog messages. It accepts Syslog messages from hundreds of simultaneous senders using a variety of protocols – IPv4, IPv6, UDP, and TCP – and forwards them securely to the CorreLog Correlation Server, a competitive Syslog console, or even to another copy of SSF.  This extends the life cycle of your software, increases general interoperability of your enterprise software, and promotes a wide variety of accepted standards and specifications. You

Most importantly, the SSF program guarantees verifiable security of your software by implementing advanced and standards based encryption and authentication of your sensitive security data, as well as highly reliable and guaranteed delivery of your log data.

CorreLog Secure Syslog Forwarder (SSF) Use Cases:-


CorreLog Enterprise Search

At the center of CorreLog's operation is our high-speed, web-based search engine. This facility is implemented using our proprietary "GenDex" technology to permit you to search terabytes of information, spanning multiple days or months, returning results within a few seconds. You are provided a single web-based console to search the logs of all the technology you deploy, in real time, with no delays.


Search Function Overview

CorreLog can continuously receive in excess of 5000 events per second. This makes the need for a high-speed search engine essential in order to find precise events embedded within massive amounts of other data.


CorreLog is designed to perform these searches as rapidly as possible, easily returning search results across gigabytes of data within one second. The CorreLog high-speed search capability directly supports iteration and search refinement, especially important for data analysis and forensics, where a single search session might consist of dozens of individual searches.



CorreLog Agent for z/OS & DB2

The CorreLog Mainframe Agent (CMA Agent) expands the role of the CorreLog Server within your enterprise to include monitoring of SMF mainframe messages, empowering you with new important capabilities and visibility into your mainframe and enterprise security. Complete your SIEM strategy using this powerful and unique management component.

 


CorreLog Agent for IBM z/OS with dbDefender™ for DB2

CorreLog delivers the industry's only real-time SMF message converter, delivering Syslog messages straight out of your IBM z/OS mainframe directly into your SIEM

 

For many large organizations, one or more IBM z/OS mainframes constitute a strategic capital investment for their most mission-critical applications and processes. The CorreLog Agent for z/OS with dbDefender enables these organizations to combine z/OS SMF events with SIEM Syslog data, giving IT security personnel a complete system-wide vantage point for cyber-threat and security breach alerts. With security information and event management (SIEM) software platforms existing predominantly in distributed environments, the CorreLog Agent for z/OS allows organizations to include mainframe event log data for a unified, multiplatform view of enterprise security event data in a single console.

 

The CorreLog z/OS Agent, in conjunction with any SIEM monitoring application that accepts Syslog messages, allows the user to view mainframe SMF security, database and TCP/IP events, along with security and other events from Windows, UNIX, Linux, routers, firewalls, and other IT assets. When included with other log and event data within the CorreLog Server, CorreLog's unique correlation engine and help-desk ticket auto notification functions alert IT security personnel of cyber-threats before they happen.

 

The CorreLog z/OS agent installs quickly, uses minimum resources, and does not require extensive training, ongoing maintenance or administration. CorreLog z/OS Agent is easily configured, allowing users to select from a myriad of parameters including TSO Logons, Production Job ABENDs, TCP/IP Connections, FTP File Transfers, and DB2 Accesses. Within these parameters, security systems admins may filter further by sub-categories and receive only the data relevant to security threats. This filtering capability streamlines data flow to SIEM system consoles without compromising network bandwidth.


CorreLog Windows Agent And Toolkit


We have pioneered one of the best Windows Agents for SIEM management available anywhere. This powerful agent program is designed for installation ease, non-intrusive operation, and flexibility. Join all the enterprises currently standardizing on this SIEM component, which is setting a new benchmark for Windows syslog operability. CorreLog is pleased to offer this agent and tool kit for free, with no strings attached!


Background

Syslog is one of the most interoperable protocols currently in existence. It is supported by all UNIX platforms, and most network hardware vendors, and has been in operation since at least 1985 with no significant change to its basic specification.


Strangely, although Microsoft generally adopts popular standards such as TCP/IP, SNMP, HTTP, XML, and other specifications, Microsoft support for the syslog protocol is conspicuously absent. While Microsoft has an elegant logging system for the Windows operating system, Windows event messages do not generally interoperate directly with standard SIEM strategies.


Two popular techniques currently exist to compensate for this omission by Microsoft. The first is agentless operation, achieved via WMI or RPC calls using a periodic polling scheme. However, this technique imposes a number of security risks and complications. In particular, it is difficult for real-time SIEM systems to guarantee timely detection of critical system events.


A second popular method of monitoring Windows event logs is to install a light-weight Windows Service. This "agent" process reads Microsoft event log information, logged in real-time, and converts these messages to standard syslog messages, which are sent to a syslog receiver.



CorreLog Unix Linux Agents

CorreLog offers a suite of specialized UNIX agents and tools to augment the native syslog capability found in UNIX platforms. Although agents are not required to manage UNIX platforms, this additional software leverages the power of CorreLog Server to detect, log, and correlate security and performance issues not otherwise covered with native syslog capability. We support Linux, Solaris, AIX, HPUX, and other popular UNIX platforms.


Product Overview

The CorreLog system works with UNIX platforms in an "agentless" mode, without the need to install any other software component. In particular, you can manage virtually any UNIX platform using the native Syslog capability, simply by directing syslog messages to the CorreLog Server site.


To extend your UNIX monitoring capability to include arbitrary log file management, remote configuration of source filters, and data encryption, you can install the CorreLog UNIX Agent, which usually takes under one minute, and does not require the platform to be rebooted. After installation, log messages will immediately begin forwarding over to the CorreLog program, permitting data aggregations and correlation of UNIX logs. This greatly expands your ability to proactively manage UNIX platforms, making the CorreLog system aware of any log file on any UNIX system.



CorreLog SIEM Security Server, Log Management & Compliance solutions
