CorreLog Extends Event Message-to-Syslog Conversion Capability, Announces Log Management Agent for SAP

Share Article

CorreLog log management and SIEM solution now delivering enhanced SAP compliance and auditing by monitoring audit files, logons/logoffs, transactions, password failures and other SAP user activity.

In relying on such a critical platform (SAP) to run business, the urgency is to have real-time threat detection...

CorreLog, the leader in software solutions for IT security event correlation, today announced support for SAP on Windows®. The CorreLog Agent for SAP converts SAP messages to Syslog in real time for inclusion into the CorreLog SIEM (security information and event management) system or any other SIEM system. Typical SAP messages the CorreLog Agent for SAP tracks are user logon success/failures, user status changes, and transactions starting/failing. The list of SAP message codes to monitor and include in the SIEM system can be extended by the SAP administrator or authenticated user with a simple configuration file executed in a Windows UI. The Agent can also monitor debug events that can help determine the performance and availability of the SAP system. Multi-language support is also available with the CorreLog Agent for SAP, including double-byte character.

“SAP is the world leader in software and services revenue delivering the most critical enterprise applications to the largest public and private organizations on the planet,” said George Faucher, CorreLog president and CEO. “In relying on such a critical platform to run business, the urgency is to have real-time threat detection and to remain in the good graces of those in charge of organizational auditing and compliance. We are extending that with the SAP Agent.”

With the inclusion of the Agent for SAP, CorreLog extends its breadth of coverage for log management within the CorreLog Enterprise Server or other SIEM system as a complementary offering. In addition to the Agent for SAP, CorreLog provides real-time event logs for database access and activity monitoring with the following:

  • Any ODBC-compliant database such as SQL, Oracle or DB2
  • McAfee ePolicy Orchestrator Console – CorreLog is McAfee certified with bi-directional integration to ePO
  • LDAP access for active directory monitoring and authentication

The wide range of event log monitoring with CorreLog gives enterprise-to-SMB sized organizations the ability to track potential threat across servers (mainframe and distributed), routers, firewalls, applications, databases, and mobile devices/tablets.
This event logging capability is inclusive of both physical and virtual deployments.

“The CorreLog mission is to provide blanket threat detection with compliance across the enterprise from mainframe to distributed platforms, and to mobile devices and tablets, regardless of if we are monitoring in cloud-based or physical environments,” added Faucher. “The ultimate goal in this business is to monitor user behavior, and user behavior does not just live on certain hardware or applications. It happens everywhere, so you need to be aware of threat everywhere.”
More information on the CorreLog Agent for SAP can be found at

About CorreLog:
CorreLog, Inc. is the leading independent software vendor (ISV) for IT security log management and event correlation. CorreLog's flagship product, the CorreLog Enterprise Server, combines log management, Syslog, Syslog-NG, SNMP, auto-learning functions, neural network modeling, proprietary semantic correlation, automated help-desk ticketing and reporting functions into a unique multi-platform security solution. CorreLog Enterprise Server operates across Windows, UNIX, Linux and mainframe platforms, shipping with an out-of-box PCI DSS compliant CorreLog agent for IBM z/OS, the world’s most popular mainframe operating system.

CorreLog delivers an essential viewpoint via dashboard console, providing verifiable and actionable information on the activity of users, devices, and applications to proactively meet organizational SLAs and regulatory requirements. Additionally, CorreLog automatically identifies and responds to any suspicious behavior, network attacks, or policy violations by indexing and correlating user activity and event logs, then archives the data in an enterprise server system location. This allows customer organizations to quickly identify then proactively respond to compliance violations, policy breaches, cyber-attacks and insider threats. For auditing and forensics, CorreLog facilitates regulatory requirements set forth by PCI DSS, HIPAA, SOX, FISMA, NERC, NCUA, and many other standards. CorreLog markets its solutions through both direct and indirect partner channels.

Share article on social media or email:

View article via:

Pdf Print

Contact Author

Tony Perri
Follow us on
Visit website