SIFT-IT Secure System Logging and Event Detection
SIFT-IT is an enterprise-grade detection and log management solution for the IBM i that performs real-time monitoring of all types of system and server logs and message queues. Unlike legacy products that simply harvest journals and archive them to syslog servers, SIFT-IT products can analyze the contents of the logs in order to filter and manage specific events based on granular details. SIFT-IT has unlimited reformatting and integration capabilities for any enterprise SIEM or detection software and provides remediation tools, including automated remediation through system triggers. See for yourself and download a trial of SIFT-IT.
Real-Time Detection and Log Management
Monitor QAUDJRN and server logs in real time
Event filters on granular details such as users, job names, IP addresses, object names, etc.
Rules-based configuration to include/exclude specific events
Syslog Formatting and Integration
RFC 5424, RFC 3164, CEF and LEEF Support
Supports multiple syslog servers simultaneously while directing specific events to specific SIEMs
Supports UDP, TCP and Secure TCP for delivery
Alarms and Remediation
Email alerts and forwarding of job logs of suspicious users
Text alerts via ARP-SMS
Automated Remediation via Exit APIs in filter configurations
SIFT-IT integrates with many third-party SIEM products including:
and many more
With SIFT-IT, it is possible to build filters to monitor for specific events rather than simply harvesting journal records and logs and flinging them to a syslog server. Until now, the only filtering options provided by software vendors were based on QAUDJRN journal codes. That level of filtering has been inadequate and tends to overload centralized log servers. As you can see in the screen below, it is possible to use complex logic to define specific events to monitor. You can filter on any content within a log message, and when that event occurs, you can define the remediation action to take and forward your customized log message to a specific syslog server.
We offer subscriptions to support and maintenance services for SIFT-IT. A subscription gives you access to software updates, new releases and fixes. Active subscriptions give you access to support options, including tickets and posting in the support forums. When you subscribe, you also receive support services for ARP-ZIP and ARP-MAIL at no additional charge.