Powertech SIEM Agent for IBM i
Powertech SIEM Agent for IBM i allows you to monitor, capture, and send security-related events from IBM i directly to your enterprise security monitor. By converting raw security event data into plain English and delivering real-time notifications, Powertech SIEM Agent for IBM i helps you identify security breaches quickly and protect your most important business applications.
Identify Security Threats Instantly:
Monitor your IBM i for critical security events and receive real-time notifications, so you can respond quickly—before important business information is deleted, corrupted or exposed.
Protect Critical Business Operations:
Protect the integrity of your systems and prevent unplanned security incidents by spotting risks as soon as they materialize.
Integrate with Enterprise Tools:
Send security-related events directly to your enterprise security monitor. Through integration with your security information and event management (SIEM) console, Powertech SIEM Agent simplifies and centralizes security and integrity monitoring.
Simplify Audit Journal Details:
Not everyone is an IBM i expert. Powertech SIEM Agent translates complex audit journal details into plain English statements, so any operator can understand the data and act on it.
Why should I choose Powertech SIEM Agent for IBM i?
SIEM Integration
Send security events to virtually any SIEM solution, so problems can be identified quickly.
Simplify Security Data
Convert raw security data into a format that’s meaningful to security operations staff, so even operators who aren’t IBM i experts can understand the information.
Real-Time Event Monitoring
Monitor events from the security audit journal (QAUDJRN) and receive notifications in real time, so you always know what security events are occurring on your system.
First-Rate Support
Get your questions answered by a real person 24/7.
Key Features:
Monitor security-related events from the network, operating system, and any journal or message queue in real time, including changes to user profiles and system values, invalid login attempts, intrusion detections, and changed or deleted objects.
Maintain awareness of every security event on your system in real time so you never miss a potential security breach. Powertech SIEM Agent for IBM i will provide alerts to ensure critical issues are escalated.
Avoid flooding the network and filling up your SIEM solution with every single journal entry. Powertech SIEM Agent for IBM i provides flexible and intelligent filters to help you review the information you want to see, and also save space and bandwidth on the syslog server. Filter information by event type, user ID, IP address, and time and day of the week.
Identify security events even faster with software that integrates seamlessly with the SIEM you use every day. Powertech SIEM Agent for IBM i sends over 500 security events to a syslog server and integrates with virtually any SIEM solution, including LogRhythm, ArcSight, Tivoli, Kiwi, Splunk, and many others.
Export your security event data the way you want to. Powertech SIEM Agent for IBM i can send data directly to your SIEM console, a stream file on the IFS, or write to its own message queue—or any combination of these options.
Reference Material
Information (Web Site)
Note 1: Some of the content (images and texts) used in this page are property of Fortra