Working with IFS logs

When an organization uses a Security Information and Event Management (SIEM) system, Raz-Lee Security provides the administrator with a tool for sending messages and events to that system. Up to three unique SIEM systems can be configured and handled through the IFS logs mechanism.

NOTE: For more information about SIEM integration and configuration, see SIEM Support.

To access the IFS Logs:

  • Select 15. IFS Logs from the Audit main menu screen (STRAUD > 15).

 AUIFSMN                            IFS Logs                   iSecurity/SysCtl
                                                             ​
 System:​  S520    ​ 
 Select one of the following:​                                                   
                                                                                
 Settings​                                                                       
  1. Work with Definitions        ​                                              
                                                                                
  5. Work with Activities         ​                                              
                                                                                
                                                                                
 Activate IFS Log Detect​                                                        
 21. Activate​                                                                   
 22. Deactivate​                                                                 
                                                                                
 Note: Apache, WebSphere and other well-known servers can be set to  ​           
 produce logs in CEF format.                                        ​            
                                                                                
                                                                                
 Selection or command                  ​                                         
 ===>​                                                                           
                                                                               
 
 F3=Exit   F4=Prompt   F9=Retrieve   F12=Cancel                                ​ 
 F13=Information Assistant  F16=AS/400 main menu
                                                                               ​ 

The IFS Logs menu allows the administrator to set and configure the types of message sources whose logs are forwarded to SIEM systems. These sources include Apache web server, IBM's WebSphere Application Server (WAS), and various database tools.