Distributed solutions for IT security

The CorreLog SIEM Correlation Server provides a hub for collecting event logs from Windows, UNIX, Linux, SAP, virtual servers, and other distributed assets.

Standalone System or Complement to Existing SIEM/SOC

The CorreLog SIEM Correlation Server provides a hub for collecting event logs from Windows, UNIX, Linux, SAP, virtual servers, and other distributed assets that can tell you about the secure state of your enterprise environment. CorreLog SIEM can be used as a standalone server or as complementary solution to your existing SIEM or component of your SOC.

In an SIEM environment where your license is priced by data throughput, CorreLog SIEM Server can be used to intercept and filter security event logs before the data is consumed by your SIEM and sent to your SOC. The result is reduced throughput and considerable cost savings to your IT investment. CorreLog SIEM system runs as a Windows service, with a standard web browser UI, and consumes minimal system resources. The entire CorreLog SIEM package can be downloaded in about 30 seconds on a modest 10 Mbps Internet connection.

With its ability to collect and reformat disparate log data to industry-standard syslog protocol for SIEM, CorreLog provides system-wide interoperability unmatched by rival, competing SIEM vendors.

CorreLog SIEM provides a standards-based method of collecting all the system log messages of your network using industry standard syslog protocol and SNMP traps. These messages are then correlated into understandable threats, alerts, and actions using sophisticated, easily configured rules, which are then reduced to actionable “tickets” that are sent to administrators as a trigger for remediation of incidents.

To view our distributed products, please select a product from the Windows/UNIX Products navigation menu at the top of the page.

Correlog Server

SIEM Correlation Server

CorreLog SIEM Server is a lightweight, powerful, and highly functional SIEM tool delivering enterprise log management and correlation for security and compliance across Windows, UNIX, and Linux platforms.

Agent for SAP ERP

CorreLog Agent for SAP ERP facilitates the security and compliance benefits of SIEM in your SAP ERP platform. In real time, the agent monitors over 80 core SAP audit codes and converts the messages into SIEM-readable syslog format.

Change Tracker

Change Tracker is a full-scale configuration management and policy compliance solution, ensuring workstations, servers, network devices, firewalls, and directories meet your organization’s configuration policy.

Windows Agent for Syslog

Windows Agent for Syslog is a light resource-utilization tool for converting Windows logs to SIEM syslog format. Windows Agent reads Microsoft event log information in real time and converts this data into SIEM-readable messages – available as free download.


SyslogDefender™ reinforces syslog event message security with authentication and AES 256-bit encryption, and forwards them to your SIEM. SyslogDefender™ protects and consolidates the flow of event messages through your firewall for fortified SIEM integrity.

Streamlining Splunk Enterprise with CorreLog

CorreLog SIEM Server regulates Splunk log throughput reducing the amount of log data forwarded to your SIEM or SOC. SIEM Server reduces TCO of your SIEM by sending only the most pertinent log data to Splunk Enterprise.


Correlog SIEM Server Brochure

Interested in learning more?