× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.


  1.  Home
  2. MIDRANGE-L
  3. January 2022

RE: setting up my IBM i to push syslog entries to an external SIEM server.

A sister company of my former employer used to push notifications to Splunk.

The ability must be built-in. Trust me.... They wouldn't have paid for software on the "legacy" system.



-----Original Message-----
From: MIDRANGE-L <midrange-l-bounces@xxxxxxxxxxxxxxxxxx> On Behalf Of Jack Woehr via MIDRANGE-L
Sent: Wednesday, January 26, 2022 2:36 PM
To: Midrange Systems Technical Discussion <midrange-l@xxxxxxxxxxxxxxxxxx>
Cc: Jack Woehr <jwoehr@xxxxxxxxxxxxxxxxxxxxxxxx>
Subject: Re: setting up my IBM i to push syslog entries to an external SIEM server.

https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.ibm.com%2Fsupport%2Fpages%2Fsyslog-syslogd-pase-ibm-i&amp;data=04%7C01%7C%7C22066e90b756495b826408d9e11c45f8%7C84df9e7fe9f640afb435aaaaaaaaaaaa%7C1%7C0%7C637788333826233448%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&amp;sdata=YgdmubvECGkvbKzeCxh0dVLcvMZthUOCZawCJeLyneM%3D&amp;reserved=0 specifically
addresses SIEM.


From: "Gerald Magnuson" <gmagqcy.midrange@xxxxxxxxx>
To: "midrange-l@xxxxxxxxxxxxxxxxxx" <midrange-l@xxxxxxxxxxxxxxxxxx>
Date: 27/01/2022 08:04 AM
Subject: setting up my IBM i to push syslog entries to an external
SIEM server.
Sent by: "MIDRANGE-L" <midrange-l-bounces@xxxxxxxxxxxxxxxxxx>



I have been tasked to "push" events and notifications on to our new SIEM
software.

I have a high level of auditing already turned on, and have extracted
audit
journal data via SQL in the past.

I don't really want to buy anymore software if I don't have to. Does the
IBM i have all the components to push QSYSOPR, and audit entries on to a
SIEM?



As an Amazon Associate we earn from qualifying purchases.

This thread ...
Replies:
Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.