Splunk Cookie Policy

We use our own and third-party cookies to provide you with a great online experience. We also use these cookies to improve our products and services, support our marketing campaigns, and advertise to you on our website and other websites. Some cookies may continue to collect information after you have left our website. Learn more (including how to update your settings) here.
Accept Cookie Policy

Accept License Agreements

This app is provided by a third party and your right to use the app is in accordance with the license provided by that third-party licensor. Splunk is not responsible for any third-party apps and does not provide any warranty or support. If you have any questions, complaints or claims with respect to this app, please contact the licensor directly.

Thank You

Downloading CorreLog zDefender SPLN Data Handler
To install your download
For instructions specific to your download, click the Details tab after closing this window.

Flag As Inappropriate

CorreLog zDefender SPLN Data Handler

Overview
Details
The CorreLog zDefender® SPLN Data Handler Add-on allows Splunk to handle SPLN formatted messages received from CorreLog zDefender. Incoming messages are assigned a Source Type, Event Types, and CIM mapping based on the message contents. Dashboards are included provide an overview of the data handled by Splunk. CorreLog has several additional Splunk App’s that provide detailed dashboards based on the messages processed by the Data Handler to facilitate Security Information and Event Management (SIEM) on IBM z/OS.

CorreLog also has a standalone version of zDefender. For more info on this and other CorreLog standalone mainframe security products, please visit www.correlog.com/mainframe.

CorreLog mainframe SIEM solutions are highly interoperable and, in addition to Splunk, we have certified integrations and field integrations with nearly every other Windows/UNIX/Open Source SIEM system on the market.

The CorreLog zDefender® SPLN Data Handler Add-on allows Splunk to handle SPLN formatted messages received from CorreLog zDefender. Incoming messages are assigned a Source Type, Event Types, and CIM mapping based on the message contents. Dashboards are included provide an overview of the data handled by Splunk. CorreLog has several additional Splunk App’s that provide detailed dashboards based on the messages processed by the Data Handler to facilitate Security Information and Event Management (SIEM) on IBM z/OS. The CorreLog zDefender SPLN Data Handler for Splunk handles records for:

  • RACF® - SMF80
  • Dataset Input, Output, Scratch, Rename – SMF 14, 15, 17, 18
  • SMF Performance Data – SMF 30
  • DFSMS – SMF 42
  • VSAM – SMF 60, 62, 64
  • IFC - SMF 61, 65, 66
  • RMF Performance – SMF 70, 72
  • CICS Performance and Resources – SMF 110
  • MQ – SMF 115, 116
  • TCP/IP – SMF 119
  • Top Secret
  • CA ACF2™
  • Plus other logged activity from z/OS

Version: 2.8.4

For more information on the standalone CorreLog zDefender for z/OS product, please visit www.correlog.com/mainframe.


The CorreLog zDefender Architecture


Requirements
This Add-on requires a CorreLog zDefender capable of sending SPLN formatted messages to your Splunk instance.


Support
For support for all CorreLog products, please visit www.correlog.com/support.


About CorreLog
Since 2007, CorreLog, Inc. has been committed to delivering software solutions for Security and Compliance auditing professionals who need more advanced network/system security and improved adherence to PCI DSS, HIPAA, SOX, FISMA, the GDPR, ISO 27001, IRS Pub. 1075, NERC and other industry standards for protecting data. Our solutions are designed to be complementary to clients’ existing IT investments.

CorreLog specializes in providing the most comprehensive Security & Compliance software at the industry’s lowest Total Cost of Ownership. Our solutions help secure data across both mainframe and distributed operating systems, and provide alerts with notifications in real-time to security and network operations resources. CorreLog has worked with companies across Fortune 500 to SMB class who all benefit from our ease of installation and highly interoperable approach to building software that is simple to use and master out of the box. Visit www.correlog.com for more information.

AppInspect Tooling

Splunk AppInspect evaluates Splunk apps against a set of Splunk-defined criteria to assess the validity and security of an app package and components.

Are you a developer?

As a Splunkbase app developer, you will have access to all Splunk development resources and receive a 50GB license to build an app that will help solve use cases for customers all over the world. Splunkbase has 1000+ apps and add-ons from Splunk, our partners and our community. Find an app or add-on for most any data source and user need, or simply create your own with help from our developer portal.

Follow Us:
© 2005-2018 Splunk Inc. All rights reserved.
Splunk®, Splunk>®, Listen to Your Data®, The Engine for Machine Data®, Hunk®, Splunk Cloud™, Splunk Light™, SPL™ and Splunk MINT™ are trademarks and registered trademarks of Splunk Inc. in the United States and other countries. All other brand names, product names, or trademarks belong to their respective owners.