AS/400
Version: AS/400 iSeries 6.1-7.1.
AS/400 operating system is object-based. Features include a RDBMS (DB2/400), a menu-driven interface, support for multiple users, block-oriented terminal support (IBM 5250), and printers. It supports security, communications, and web-based applications which can be executed inside the optional IBM WebSphere Application Server or as PHP/MySQL applications inside a native port of the Apache web server.
Netsurion Open XDR is an enterprise-class platform that seamlessly combines SIEM, Log Management, File Integrity Monitoring, machine analytics and so forth.
Netsurion Data Source Integration for AS/400 allows you to monitor the following components: –
- Security – Command string auditing and directory link and unlink activities.
- Operation – Authority change activities, object operations and interprocess communication.
- Compliance – User authentication failures and audit change activities.
After the AS/400 is configured to deliver events to the Netsurion Open XDR, the dashboards and reports can be configured into Netsurion Open XDR.
The following are the key Data Source Integration available in Netsurion Open XDR.
Alerts
| Type | Name | Description |
|---|---|---|
| Security | AS/400 – Directory unlink | This alert is generated when any directory is unlinked or removed. |
| Operations | AS/400 – Interprocess communication activities | This alert is generated when any interprocess communication changes occur such as ownership change, create, delete, authority failure and shared memory removal or attach. |
| Operations | AS/400 – Object operations | This alert is generated when any objects operation has taken place such as object created, deleted, renamed, modified, ownership changed, and assigned rights. |
| Compliance | AS/400 – User authentication failures | This alert is generated when any user authentication failure occurs. |
Reports
| Type | Name | Description |
|---|---|---|
| Security | AS/400 – Command string audit | This report provides information related to all the command strings that has been executed in the AS/400 CLI. |
| Operations | AS/400 – Authority change activities | This report provides information related to all the changes in authority like grant, replace and revoke. |
| Operations | AS/400 – Spooled file activities | This report provides information related to all the spooled file activities. |
| Operations | AS/400 – Interprocess communication activities | This report provides information related to all the interprocess communications. |
| Operations | AS/400 – Object operations | This report provides information related to all the object operations such as object created, deleted, renamed, modified, ownership changed, and assigned rights. |
| Compliance | AS/400 – User authentication failures | This report provides information related to all the user authentication failures. |
Documentation
The configuration details are consistent with Netsurion Open XDR 8.x and later, and AS/400.
Download Integration Guide for configuration instructions and more information.