If your organization already has a SIEM system, the CorreLog Visualizer for z/OS leverages your existing technology. The product can be inserted between the CorreLog SIEM Agent for z/OS program (running on the mainframe) and any SIEM system, including another copy of CorreLog Server.
Click here to download the Visualizer for z/OS datasheet.
Although a SIEM system is not required to fully utilize the CorreLog Visualizer™ for z/OS program, Visualizer for z/OS can provide useful visibility to z/OS messages related to mainframe security, and act as a general-purpose collector and SIEM syslog forwarder in a larger enterprise security management strategy.
The CorreLog Visualizer for z/OS provides critical functions that bring your live mainframe data into your existing SIEM system, expanding your visibility to an operating system previously not available in the SIEM.
- Mainframe Message Search. Mainframe messages are collected by CorreLog Visualizer and indexed for rapid search of z/OS data.
- z/OS Dashboards. Data can be depicted using a suite of pre-configured dashboards that show mainframe activity related to system-wide security such as RACF, ACF2, Top Secret, CICS, DB2 accesses, DFSMS and other data used by a SIEM to determine the health of your network security.
- Correlation Rules. The software comes with a out-of-box correlation rules that were designed with compliance in mind - PCI DSS, HIPAA, SOX, IRS Pub. 1075, GLBA and many other standards.
Frequently Asked Questions
Q: Is the CorreLog Visualizer for z/OS required to use the CorreLog SIEM Agent for z/OS?
The Visualizer for z/OS is NOT REQUIRED to fully use SIEM Agent for z/OS. Visualizer is mainly useful for providing visibility to the mainframe data outside an organization's SIEM system (such as to select administrators, or mainframe operators.)
Q: Is the Visualizer for z/OS considered a SIEM system?
Visualizer for z/OS is a comprehensive dashboard and mainframe security system that includes search, correlation, alerting, and reporting. However, it is not intended to replace the SIEM of your organization. Its intent is mostly to provide information security visibility in a more functional format than traditional green screens.
Q: How is the Visualizer for z/OS licensed?
CorreLog Visualizer for z/OS Software is separately licensed from the CorreLog SIEM Agent for z/OS program (or other CorreLog products.) Visualizer software is licensed for a certain number of LPARS that are each running the SIEM Agent for z/OS program.
Q: Can I upgrade the Visualizer for z/OS to a full CorreLog Server license?
If you have installed the CorreLog Visualizer for z/OS, you can upgrade to the full CorreLog Server system with minimal fuss, while keeping your existing configurations. You would simply license more devices. CorreLog team support is available to assist.
Q: Where can I find more information on CorreLog Visualizer for z/OS?
Because the CorreLog Dashboard Collection system is based on the CorreLog Server and CorreLog Framework, you can find an abundance of information (such as system requirements, administrative configuration, internal security concepts, and other documents) by consulting standard CorreLog Server documentation found on https://correlog.com.
CorreLog is pleased to support proof-of-concepts, and provide technology proposals and demonstrations upon request.
For more information on CorreLog SIEM Visualizer for z/OS please contact us.
Download the CorreLog Visualizer™ for z/OS datasheet now.
View Other Solutions & Services...