Pricing  Get Quote
 
 

ADSelfService Plus-SIEM integration

Integrate ADSelfService Plus with your SIEM system for event correlation and real-time analysis

Monitoring security incidents in real time has become a mandatory practice for every enterprise. To that end, many organizations rely on security information and event management (SIEM) solutions to safeguard their network against cyber security attacks.

As a self-service tool, ADSelfService Plus has a lot of critical information about user activity and events relating to security, such as failed password resets, failed user account lockouts, and more. If you already have a SIEM tool (such as Splunk, LogRhythm, or Log360) to analyze security events throughout your network, then integrating that tool with ADSelfService Plus can give you real-time data on what kind of actions end users are performing.

Once you've set up the integration, you can forward the log data generated in ADSelfService Plus right to your SIEM solution for further analysis. From there, you can use your SIEM solution to correlate log data from ADSelfService Plus with other logs in the network, as well as process and analyze ADSelfService Plus' logs to generate reports and trigger alerts for critical security incidents. ADSelfService Plus can also forward these logs in Syslog format to applications such as business intelligence tools.

Benefits of the ADSelfService Plus-SIEM integration:

  • Real-time log forwarding and analysis.
  • Log correlation with other logs in your network.
  • Insight into user activities.
  • Boost in the overall performance of your security system.

To learn how to integrate ADSelfService Plus with Splunk or any Syslog server, click here.

Searching for ADSelfService Plus log events in your SIEM system

The events from ADSelfService Plus can be viewed, searched, grouped into reports, and categorized in your SIEM product based on the following fields:

Field Purpose
ACCESS_MODE Filter events from ADSelfService Plus based on the mode of access (i.e. web browser, mobile app, or mobile site).
ACTION_NAME Filter log events based on the action performed, such as password reset, account unlock, password change, enrollment, and more.
DATE_TIME (or) TIME Filter log events based on the time of the action.
DOMAIN_NAME Filter log events based on the domain.
HOST Filter log events based on the host name.
IP Filter log events based on the IP address.
LOGIN NAME Filter log events based on the user login name.
STATUS Filter log events based on whether the action performed was a success or failure.

For example, when a user attempts to unlock their account via the ADSelfService Plus mobile app, ADSelfService Plus records detailed information about the event, including the user's IP address and login name. Here's a sample log:

ACCESS_MODE: Android App
ACTION_NAME: Self Unlock
DATE_TIME: 2017/12/02 04:09 PM
DOMAIN NAME: adssp
HOST: Galaxy-Note5.csez.zohocorpin.com
IP: 172.23.116.248
LOGIN NAME: anjali.g
STATUS: Cannot unlock the user. The user account is not locked.
TIME: 1512211164721 

Download

Highlights

Password self-service

Free Active Directory users from attending lengthy help desk calls by allowing them to self-service their password resets/ account unlock tasks. Hassle-free password change for Active Directory users with ADSelfService Plus ‘Change Password’ console. 

One identity with Single sign-on

Get seamless one-click access to 100+ cloud applications. With enterprise single sign-on, users can access all their cloud applications with their Active Directory credentials. Thanks to ADSelfService Plus! 

Password/Account Expiry Notification

Intimate Active Directory users of their impending password/account expiry by mailing them these password/account expiry notifications.

Password Synchronizer

Synchronize Windows Active Directory user password/account changes across multiple systems, automatically, including Office 365, G Suite, IBM iSeries and more. 

Password Policy Enforcer

Ensure strong user passwords that resist various hacking threats with ADSelfService Plus by enforcing Active Directory users to adhere to compliant passwords via displaying password complexity requirements.

Directory Self-UpdateCorporate Search

Portal that lets Active Directory users update their latest information and a quick search facility to scout for information about peers by using search keys, like contact number, of the personality being searched.

ADSelfService Plus trusted by