Solutions > CorreLog SIEM Agent for IBM z/OS

The CorreLog SIEM Agent for IBM z/OS expands the role of your corporate IT security system – whether CorreLog SIEM Correlation Server or other distributed SIEM collector – to include real-time mainframe messages from RACF, ACF2, Top Secret, DB2 accesses, and other important user activity data relevant to network security. Complete your SIEM strategy leveraging this powerful and unique real-time mainframe security management component.

CorreLog SIEM Agent for IBM z/OS

Deliver IBM z/OS RACF, ACF2, and Top Secret User plus DB2 Access Data to Your Distributed SIEM in Real Time

For many large organizations, one or more IBM z/OS mainframes constitutes a strategic capital investment for the most mission-critical applications, processes and data. With security information and event management (SIEM) software platforms existing predominantly in distributed environments, the CorreLog SIEM Agent for z/OS allows organizations to include mainframe event log data for a unifi ed, multi-platform view of enterprise security event data in a single console.



CorreLog SIEM Agent for IBM z/OS (SIEM Agent) allows users to view mainframe RACF, ACF2, Top Secret, and DB2 events in real-time, alongside security events from Windows, UNIX, Linux, routers, firewalls, and other IT assets in an enterprise SIEM system. This not only provides companies with the best possible security in real-time, but also helps ensure regulatory compliance.


CorreLog SIEM Agent is easily configured, allowing users to select from a myriad of events including RACF, TSO Logons, Production Job ABENDs, TCP/IP Connections, FTP File Transfers, Top Secret, ACF2, and DB2 accesses. Out of this event log data, security systems administrators may filter further by sub-categories and receive only the data relevant to security threats. This filtering capability streamlines data flow to
SIEM system consoles without compromising network bandwidth.


View mainframe security messages in a standard web browser with CorreLog Visualizer for z/OS

The CorreLog Visualizer is an affordable Security Information & Event Management (SIEM) system especially designed and pre-confi gured for use by z/OS security administrators and system programmers.
It provides point-and-click functionality from a standard web browser into z/OS security and operational events. Visualizer provides dashboard views, event message correlation, and can send text messages as alerts of security events generated from z/OS. More info on CorreLog Visualizer can be found here.


The SIEM Agent also operates within the constraints of increasing compliance regulations such as PCI DSS, HIPAA, IRS Pub. 1075 FISMA, GLBA, NERC, Sarbanes-Oxley, and many other standards.


Download the dbDefender technical whitepaper on monitoring DB2 activity for compliance.
Download the CorreLog SIEM Agent for z/OS datasheet now.

View Other Solutions & Services...

This is CorreLog
Security Compliance
Read the CorreLog Blog

Request Product Demo



NEW WHITEPAPER: 8 Guidelines for PCI DSS
Compliance on z/OS



CorreLog Agent for IBM z/OS is now
ArcSight CEF Certified.


CorreLog Agent for IBM z/OS is now
certified ready for IBM Security Intelligence.


z/OS download img


datasheet img

Click here to download CorreLog SIEM Agent for z/OS datasheet.


MTS logo

Read the MTS Allstream case study
for monitoring DB2 activity
with z/OS mainframe agent.