CorreLog Further Extends Mainframe Log Management Reach, Announces ACF2 and Top Secret Syslog-to-SIEM Capability

Share Article

CorreLog Agent for z/OS now monitoring CA’s Top Secret and ACF2, recording security and compliance activity as real-time syslog events to any SIEM system.

CorreLog Server Screen Shot

CorreLog Enterprise Server

Real-time security and database events are crucial and required when dealing with regulatory compliance.

CorreLog, the leader in software solutions for IT security event correlation, today announced that CA ACF2 and Top Secret security events have been added to its industry leading Agent for z/OS. The inclusion of ACF2 and Top Secret data to the Agent for z/OS further broadens CorreLog’s mainframe reach into log management for security information and event management (SIEM) systems, a software space predominantly running on distributed platforms. The CorreLog Agent for z/OS is now capable of delivering mainframe event data for SIEM in the form of TSO Logons, Production Job ABENDs, TCP/IP Connections, FTP File Transfers, and data from DB2, RACF, ACF2 and Top Secret.

With more critical enterprise data and applications residing on IBM z/OS, auditing becomes a key concern as organizations prepare to maintain compliance with industry standards such as HIPAA, FERC, FISMA, PCI DSS, SOX and many others. Adding ACF2 and Top Secret data to enterprise SIEM systems not only provides improved visibility to mainframe security but also offers an added reference point for compliance in the event of an audit.

“A mainframe is a huge investment for any organization,” said George Faucher, CorreLog president and CEO. “And I’m not just talking about the pure cost of the hardware,” Faucher added. “When you consider the value of the data and applications running on a mainframe and the consequences of non-compliance, it’s natural for us to continue to expand the scope of events our z/OS agent can manage. Real-time security and DB events are crucial and required when dealing with regulatory compliance.”

The CorreLog Agent for z/OS runs on both the CorreLog Enterprise Server or can run as a complement to another SIEM solution. The Agent for z/OS allows users to view mainframe SMF security, database and TCP/IP events, alongside events from Windows, UNIX, Linux, routers, firewalls, and other IT assets. When included with other log and event data within the CorreLog Server, CorreLog’s unique correlation engine and helpdesk ticket auto notification feature can alert IT security personnel of cyber-threats before they happen.

“We’re striving to give customers a comprehensive view of their IT security with an audit trail,” added Faucher. “Today’s announcement and last week’s announcement of the CorreLog Agent for SAP are two great reasons to look at CorreLog for securing your IT, regardless of your current SIEM system.”

The ACF2 and Top Secret inclusion to the CorreLog Agent for z/OS comes on the heels of CorreLog joining the CA Technology Partner Program (TPP) earlier this year. CA’s TPP is a collaborative effort with ISVs and IHVs across the world to develop and market integrated solutions that complement CA Technologies offerings. More information on the CA TPP can be found at

For more information on the CorreLog Agent for z/OS please click here.
About CorreLog:
CorreLog, Inc. is the leading independent software vendor (ISV) for IT security log management and event correlation. CorreLog's flagship product, the CorreLog Enterprise Server, combines log management, Syslog, Syslog-NG, SNMP, auto-learning functions, neural network modeling, proprietary semantic correlation, automated help-desk ticketing and reporting functions into a unique multi-platform security solution. CorreLog Enterprise Server operates across Windows, UNIX, Linux and mainframe platforms, shipping with an out-of-box PCI DSS compliant CorreLog agent for IBM z/OS, the world’s most popular mainframe operating system.
CorreLog delivers an essential viewpoint via dashboard console, providing verifiable and actionable information on the activity of users, devices, and applications to proactively meet organizational SLAs and regulatory requirements. Additionally, CorreLog automatically identifies and responds to any suspicious behavior, network attacks, or policy violations by indexing and correlating user activity and event logs, then archives the data in an enterprise server system location. This allows customer organizations to quickly identify then proactively respond to compliance violations, policy breaches, cyber-attacks and insider threats. For auditing and forensics, CorreLog facilitates regulatory requirements set forth by PCI DSS, HIPAA, SOX, FISMA, NERC, NCUA, and many other standards. CorreLog markets its solutions through both direct and indirect partner channels.

Share article on social media or email:

View article via:

Pdf Print

Contact Author

Tony Perri
Follow us on
Visit website