icon/x Created with Sketch.

Splunk Cookie Policy

We use our own and third-party cookies to provide you with a great online experience. We also use these cookies to improve our products and services, support our marketing campaigns, and advertise to you on our website and other websites. Some cookies may continue to collect information after you have left our website. Learn more (including how to update your settings) here.
Accept Cookie Policy

Accept License Agreements

This app is provided by a third party and your right to use the app is in accordance with the license provided by that third-party licensor. Splunk is not responsible for any third-party apps and does not provide any warranty or support. If you have any questions, complaints or claims with respect to this app, please contact the licensor directly.

Thank You

Downloading CorreLog zDefender for RACF
To install your download
For instructions specific to your download, click the Details tab after closing this window.

Flag As Inappropriate

CorreLog zDefender for RACF

Overview
Details
The CorreLog zDefender® Dashboards for RACF provide a set of RACF-derived visualizations using events from the CorreLog zDefender Data Handler add-on. These dashboards provide an overview of user and system activity – including privileged users – that facilitates Security Information and Event Management (SIEM) on IBM z/OS.

CorreLog also has a standalone version of zDefender. For more info on this and other CorreLog standalone mainframe security products, please visit www.correlog.com/mainframe.

CorreLog mainframe SIEM solutions are highly interoperable and, in addition to Splunk, we have certified integrations and field integrations with nearly every other Windows/UNIX/Open Source SIEM system on the market.

The CorreLog zDefender® Dashboards for RACF provide a set of RACF-derived visualizations using events from the CorreLog zDefender Data Handler add-on. These dashboards provide an overview of user and system activity – including privileged users – that facilitates Security Information and Event Management (SIEM) on IBM z/OS. CorreLog zDefender for Splunk tracks:

  • RACF violation volume
  • RACF message volume
  • RACF violations by User name/ID
  • RACF failed logons by User name/ID
  • APF-authorized library activity
  • Invalid password attempts
  • RACF event types
  • Sensitive datasets accessed
  • ALTUSER changes
  • Plus other logged activity from RACF

App Version: 2.8.4

For more information on the standalone CorreLog zDefender™ for z/OS product, please visit www.correlog.com/mainframe.


The CorreLog zDefender™ Architecture


Requirements
This App requires that one of the CorreLog Data Handler Add-ons be installed, configured, and running on the Splunk installation.
- CorreLog zDefender SPLN Data Handler – Processes incoming SPLN Formatted messages sent from CorreLog zDefender.
- CorreLog zDefender CEF Data Handler – Processes incoming CEF Formatted messages sent from CorreLog zDefender.


Support
For support for all CorreLog products, please visit www.correlog.com/support.


About CorreLog
Since 2007, CorreLog, Inc. has been committed to delivering software solutions for Security and Compliance auditing professionals who need more advanced network/system security and improved adherence to PCI DSS, HIPAA, SOX, FISMA, the GDPR, ISO 27001, IRS Pub. 1075, NERC and other industry standards for protecting data. Our solutions are designed to be complementary to clients’ existing IT investments.

CorreLog specializes in providing the most comprehensive Security & Compliance software at the industry’s lowest Total Cost of Ownership. Our solutions help secure data across both mainframe and distributed operating systems, and provide alerts with notifications in real-time to security and network operations resources. CorreLog has worked with companies across Fortune 500 to SMB class who all benefit from our ease of installation and highly interoperable approach to building software that is simple to use and master out of the box. Visit www.correlog.com for more information.

AppInspect Tooling

Splunk AppInspect evaluates Splunk apps against a set of Splunk-defined criteria to assess the validity and security of an app package and components.

Are you a developer?

As a Splunkbase app developer, you will have access to all Splunk development resources and receive a 50GB license to build an app that will help solve use cases for customers all over the world. Splunkbase has 1000+ apps and add-ons from Splunk, our partners and our community. Find an app or add-on for most any data source and user need, or simply create your own with help from our developer portal.

Follow Us:
© 2005-2019 Splunk Inc. All rights reserved.
Splunk®, Splunk>®, Listen to Your Data®, The Engine for Machine Data®, Hunk®, Splunk Cloud™, Splunk Light™, SPL™ and Splunk MINT™ are trademarks and registered trademarks of Splunk Inc. in the United States and other countries. All other brand names, product names, or trademarks belong to their respective owners.