Windows SYSLOG Server and Event Log Management
The Cross-Platform Audit (CPA) is the Windows SYSLOG Server that formats ALL System, Security, Database and Application event logs into an easy-to-read format in a single SQL database. You can even send database and system event log sources from other platforms to the CPA SYSLOG Server, including IBM iSeries, Mainframe, AIX, Linux, and Unix Servers. The Cross-Platform Audit can also serve as a SYSLOG server for all your Databases, including DB2, Oracle, MS SQL, MySQL, Sybase & Progress Databases, to consolidate event logs from your entire Data Center. The CPA is a robust yet simple-to-use SYSLOG Server that provides incredible clarity and simplicity that any Auditor or Administrator can start working with right away. Compare CPA SYSLOG facility screenshots to other SYSLOG Servers or watch a Demo to see for yourself. The Cross-Platform Audit Windows SYSLOG Server was initially designed as a Database Activity Monitor, but grew into a complete event log management solution ideal for any platform, providing amazing auditing, alerting (IDS) and filtering features no other SYSLOG facility provides.
CPA consolidates event logs from all your systems, databases, devices and other sources into a powerful, intuitive Audit and Reporting facility, enabling auditors to quickly drill down and identify critical events. The CPA SYSLOG Server for Windows tags event log types by many different categories for logical filtering and sorting. Individuals using the Windows SYSLOG Server will not need platform-specific experience to use its intuitive auditing, reporting or analysis tools.
Real-Time Auditing of all System Event Logs, Database, Security, Applications and Devices at your fingertips
The CPA SYSLOG Server for Windows gathers all the system event logs or only the event log types you deem relevant, and you can define which event log types and sources will sync in real-time or in scheduled batch increments. Your Windows event log sources can be configured by event types as well as by which users will be included in the CPA SYSLOG Server database, as there are many events you likely would want to exclude from your database. The CPA SYSLOG Server allows you to configure unique event log extract policies by Server: you may want to extract Event logs from some servers in real-time and from other servers in scheduled increments. The CPA SYSLOG facility gives you the flexibility to define unique selection criteria for each Server, Database and User.
Global User Identification Mapping
Not all users will have the same User ID on each system, so the CPA SYSLOG facility includes a Global ID mapping tool to correlate a User's events coming from different servers, databases and even log sources. For instance, ALINCOLN on system A is also LINCOLNA on system B, ABRAHAML on another system and ABEL1865 on other systems. The Global ID mapping function allows you to conduct an audit efficiently, querying event logs in real-time (from all your servers, databases and event log sources) and running reports on this user's activity very quickly and effectively, because the GID has consolidated all of Abraham Lincoln's User IDs and Aliases across all your systems and databases by mapping them to a single GID. Without a Global ID, an auditor would have to run multiple reports on multiple systems, databases and event log sources, AND write complex custom queries on each, while including all the variables that apply for this user. Even if you did have all audit logs in a single Event Log Management database, you would still have to write time-consuming queries to get the audit results you are seeking.
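The sketch below is an added example, not CPA's schema or code. It shows the alias-to-GID join in SQLite using the user IDs from the paragraph above. Table names, column names, source names other than the idea of "system A/B", the GID values and the sample events are all assumptions.

```python
import sqlite3

# Constructed sample events: (source system, local user ID, action).
EVENTS = [
    ("SYSTEM_A", "ALINCOLN", "logon"),
    ("SYSTEM_B", "LINCOLNA", "file read PAYROLL"),
    ("ORACLE_1", "ABRAHAML", "UPDATE accounts"),
    ("AIX_1", "ABEL1865", "su root"),
    ("SYSTEM_B", "ALINCOLN", "logon"),  # same ID string, different person
    ("SYSTEM_A", "JDAVIS", "logon"),    # account with no GID mapping yet
]
# Hypothetical alias map. The key is (source, local ID), not the ID alone,
# so an identical ID on another system is not merged into the wrong person.
ALIASES = [
    ("SYSTEM_A", "ALINCOLN", "GID-0016"),
    ("SYSTEM_B", "LINCOLNA", "GID-0016"),
    ("ORACLE_1", "ABRAHAML", "GID-0016"),
    ("AIX_1", "ABEL1865", "GID-0016"),
    ("SYSTEM_B", "ALINCOLN", "GID-0042"),
]

def build_db():
    """Load the constructed events and alias map into an in-memory database."""
    db = sqlite3.connect(":memory:")
    db.executescript("""
        CREATE TABLE events (id INTEGER PRIMARY KEY,
                             source TEXT, user_id TEXT, action TEXT);
        CREATE TABLE gid_alias (source TEXT, user_id TEXT, gid TEXT NOT NULL,
                                PRIMARY KEY (source, user_id));
    """)
    db.executemany(
        "INSERT INTO events (source, user_id, action) VALUES (?, ?, ?)", EVENTS)
    db.executemany("INSERT INTO gid_alias VALUES (?, ?, ?)", ALIASES)
    return db

def events_for_gid(db, gid):
    """One query returns a person's activity across every source."""
    return db.execute("""
        SELECT e.source, e.user_id, e.action
        FROM events e JOIN gid_alias a
          ON a.source = e.source AND a.user_id = e.user_id
        WHERE a.gid = ? ORDER BY e.id""", (gid,)).fetchall()

def unmapped_accounts(db):
    """Accounts that produce events but have no GID; per-person reports miss them."""
    return db.execute("""
        SELECT DISTINCT e.source, e.user_id
        FROM events e LEFT JOIN gid_alias a
          ON a.source = e.source AND a.user_id = e.user_id
        WHERE a.gid IS NULL ORDER BY e.source, e.user_id""").fetchall()
```

Reviewing the unmapped list regularly matters as much as the join itself, since any account missing from the map is invisible to a per-GID audit.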
Intrusion Detection System (Alerts)
Alerts can be triggered by any event in the CPA SYSLOG facility to notify an administrator as soon as the event is imported into the CPA database. IDS events can be defined using very general or specific criteria, and can optionally be active only for specified days and times. Alert notifications/actions include: a pop-up message on a PC, an email or an SMS message.
SYSLOG Event Forwarding
CPA can also forward event logs to any SYSLOG Server or SIEM tool, including Kiwi, LogRhythm, RSA Envision "Certified", Splunk, ArcSight, Nitro Security, Syslog-NG, or any other SYSLOG Server and SIEM tool that needs integration with IBM iSeries and Mainframe systems.
SYSLOG Collection Criteria
We can pre-filter system, security, database and application events for each Data Source to suppress the collection of non-relevant events, using a number of selection criteria and/or boolean expressions to define your selected event types.
SYSLOG and SIEM forwarding for non-conforming platforms
The SYSLOG facility can also be configured to forward extracted event logs to any SYSLOG or SIEM server in the desired format very quickly. The CPA is an ideal tool where IBM platforms and databases need to coexist with other platform and database types within a single repository for audit log archiving and analysis.
Check out Cross-Platform Audit "CPA" and compare the differences for yourself. The CPA is ideal for consolidating Database, System and Security event logs from any platform efficiently. The CPA lets you define custom data extraction policies for each event source by event type and/or user before extraction into the SQL database. CPA supports:
- IBM iSeries: System Audit Journal "QAUDJRN" | Database Changes & Reads "Journaled DB2 files" | SQL Statements | Network Events "Exit Program" such as FTP, ODBC/JDBC and other Applications | History Log "QHST" | any Message & Job Queue
- IBM Mainframe: SMF Telnet, SMF FTP, SMF VSAM, SMF RACF | TCP/IP FTP, TCP/IP Telnet applications | DB2 SMF, DB2 Data Audit Log, DB2 CICS SQL Data Capture, DB2 Batch SQL Data Capture
- IBM AIX: System Audit & DB2 Database File Audit
- Windows: System Event Logs, Applications, DNS and others | Active Directory Compliance | ISA Server Logs | DHCP Logs, IIS Web Server Logs & Exchange Server Logs
- Linux: System Audit X86, X86_64, IA64, PPC64, PPC, S390X, S390
- Unix & Solaris: System Audit
- SYSLOG applications & devices: Routers, Firewalls, Antivirus and any other SYSLOG source
- Oracle: SQL Statements, Oracle System Logs, Admin Logs, Users/Profiles, Procedures and Database Audit
- DB2: File and Field Audit with Before/After Images side-by-side
- MS SQL: SQL Statements, System Audit and Data Audit
- MySQL: Audit, Connect, Query, Prepare, Execute, Shutdown, Quit, No Audit Init DB and others
- Progress: System Audit & Data Audit
- SYBASE: System Audit
- Applications: any application that produces a flat file audit log
Additional Data Sources are currently in development... please contact us if you believe you have a unique System, Database, Application or Device requirement we can assist you with.