Arpeggio Software SFTP, Web Services, SMS, Two Factor Authentication, IBM i Security and Cloud Integration Software for the IBM i

 

SIFT-IT    Secure System Logging and Event Detection

 

SIFT-IT is an enterprise-grade detection and log management solution for the IBM i that performs real-time monitoring of all types of system and server logs and message queues. Unlike legacy products that simply harvest journals and archive them to syslog servers, SIFT-IT products can analyze the contents of the logs in order to filter and manage specific events based on granular details. SIFT-IT has unlimited reformatting and integration capabilities for any enterprise SIEM or detection software and provides remediation tools, including automated remediation through system triggers. See for yourself and download a trial of SIFT-IT.

 

 

Features

Real-Time Detection and Log Management

Monitor QAUDJRN and server logs in real time

Event filters on granular details such as users, job names, IP addresses, object names, etc.

Rules based configuration to include/exclude specific events

 

Syslog Formatting and Integration

RFC 5424, RFC 3164, CEF and LEEF Support

Supports multiple syslog servers simultaneously while directing specific events to specific SIEMs

Supports UDP, TCP and Secure TCP for delivery

 

Alarms and Remediation

Email alerts and forwarding of job logs of suspicious users

Text alerts via ARP-SMS

Automated Remediation via Exit APIs in filter configurations

 

SIEM Integration

SIFT-IT integrates with many 3rd party SIEM products including:

IBM QRADAR

HP ArcSight

Splunk

LogLogic

TripWire

SolarWinds Kiwi

and many more

 

Diagram

 

 

 

SIFT-IT Diagram

Filters

Event Filtering

 

With SIFT-IT, it is possible to build filters to monitor for specific events rather than simply harvesting journal records and logs and flinging them to a syslog server. Until now, the only filtering options provided by software vendors were based on QAUDJRN journal codes. That level of filtering has been inadequate and tends to overload centralized log servers. As you can see in the screen below, it is possible to use complex logic to define specific events to monitor. You can filter on any content within a log message, and when that event occurs, you can define the remediation action to take as well as forward your customized log message to a specific syslog server.

 

SIFT-IT Filters QAUDJRN records on IBM i for syslog server

 

 

Alarms

Send Emails and SMS text messages from IBM i based on threats and security events

 

Subscriptions

  

  

We offer subscriptions to support and maintenance services for SIFT-IT.  A subscription will give you access to software updates, new releases and fixes.   Active subscriptions will allow you to access support options including tickets and being able to post in support forums.     When you subscribe you will also receive support services for ARP-ZIP and ARP-MAIL at no additional charge.

 

To request a quote for a subscription, please log in and access the option for Place An Order in the Customer Menu, or contact us by email or at 888-428-2306.

 

 

  

Download

 

  

IF YOU ALREADY HAVE A CUSTOMER ACCOUNT ON THIS SITE, YOU CAN LOG IN AND ACCESS FREE DOWNLOADS WITHOUT FILLING OUT THE FORMS.   THERE IS NO CHARGE TO CREATE AN ACCOUNT.

  

Free Trial Download of SIFT-IT Software with 10 days of free support and maintenance services.

 

Duration: 10 days
Price: Free

 

 

If you have any questions, please email us or call us at 888-428-2306 ext 1.

 


SIFT-IT Features

 

  Real-time QAUDJRN auditing

 

Syslog Agent 

 

Syslog Formatting

RFC 5424

RFC 3164

LEEF

CEF

Custom Tagging

 

Granular Event Filtering

 

SIEM Integration

IBM QRADAR

HP - ArcSight

Splunk

Kiwi

Tripwire

and many more

 

Real Time Remediation

 

Alerts

Emails including joblog

SMS (requires ARP-SMS)

 

Integrates with

ARP-SFTP

SIFT-IT

ARP-MAIL

ARP-SMS

ARP-ZIP

 

 

Compliance with latest mandates/laws

 

  

  

  

About Arpeggio Software

  

Arpeggio Software is a leading provider of secure cloud connectors and security tools for the IBM i (and its predecessors AS/400, iSeries, i5 and System i).

 
