IBM i + Syslog Format

Posted by Rob Nettgen

November 8, 2017 | 10:30 AM

Share this blog on:     

IBM i syslog.jpgAs we’ve mentioned before, IT security on IBM i should be a high priority for anyone running the platform, despite its reputation as a traditionally “safe” environment. And while IBM i is a relatively safe platform, we need to change our mindset around IT security from IBM i being the “most secure” platform to the “most securable” platform.

Too many companies leave the proverbial key under the doormat. You can have the most secure deadbolt on the market, but if you make the key accessible it doesn’t matter. Likewise, IBM i can easily become insecure if your organization doesn’t intentionally design and implement a plan for information security.

Best IT security practices indicate that organizations should be running a SIEM (Security Information and Event Management) application or a system that is monitored by an SOC (information Security Operations Center). A SIEM uses syslog format to digest and parse information that it receives.

Traditionally, IBM i did not inherently translate IBM i logs into syslog format, so organizations using IBM i needed to purchase a third-party product to do the translation. Some companies who have implemented a SIEM have chosen to skip over the IBM i server because they didn’t want to pay that extra cost to provide a conduit between IBM i and that SIEM.

Luckily, IBM has recognized this security need and provided a less expensive option to include IBM i logs in a SIEM. As of IBM i 7.2 and with the release of DB2 support, IBM i can now export History log and Audit journal to syslog.

Similarly to the IBM i 7.1 support announcement, IBM quietly announced this support update. You can find more information here.  

Speaking of IBM i 7.1, the syslog support is only available via DB2 PTF enhancements in IBM i 7.2 and beyond, providing yet another reason to upgrade from IBM i 7.1.

Earlier this year, IBM announced that IBM i 7.1 will sunset support on April 30, 2018. So, not only will upgrading to 7.2 or, preferably, 7.3 provide this added functionality to follow IT security best practices, but it will allow you to maintain IBM support.

Have a question about securing your IBM i environment? Click below or contact our team to learn more. 

Learn more about securing your  IBM i environment

Topics: IBM i, security

About Rob Nettgen

Search

Subscribe to Email Updates

magento-platform-checklist
New Call-to-Action

Contact Us

B2B-2.0

Recent Posts