| Data source | Collection method | Supported products and versions |
|---|---|---|
| Network Data | | |
| switches | Syslog | Cisco IOS 12.0+, Juniper, HP, other vendors |
| routers | Syslog | Cisco, Juniper, FortiGate, Palo Alto, SonicWall, other vendors |
| firewalls | Syslog | Cisco ASA 9.1+, SonicWall 6.2+, FortiGate, Check Point, Sophos UTM, Palo Alto |
| wireless devices | Syslog | SonicPoint, Cisco WPA |
| proxy servers | Syslog | Microsoft Windows Proxy v4+, Squid, IDS-IPS, NGINX, Apache, Microsoft IIS |
| intrusion prevention/detection systems | Syslog | Cisco ASA 9.1+, SonicWall 6.2+, F5, Juniper, FortiGate, Firepower, Snort, SonicWall 6.2 |
| NetFlow | NetFlow | NetFlow v5, v9, SonicWall 6.2+, F5, Juniper, FortiGate |
| IPFIX | IPFIX | VMware, other IPFIX vendors |
| Databases | | |
| Microsoft SQL Server | WMI Query | MS SQL 2008+ |
| Oracle | DB Query | Oracle 12c+ |
| MySQL | DB Query | MariaDB (MySQL) 5+ |
| Firebird | DB Query | 3.0.4+ |
| PostgreSQL | Syslog | 9.0+ |
| Operating Systems | | |
| Windows logs (application, security etc.) | WMI Query | starting from Windows Server 2003 and Windows 7 |
| Windows applications and services logs | WMI Query | starting from Windows Server 2003 and Windows 7 |
| Active Directory account attributes | WMI Query | starting from Windows Server 2003 |
| Red Hat | Syslog Operation Logs | Red Hat 5+ |
| CentOS | Syslog Operation Logs | CentOS 5+ |
| Debian | Syslog Operation Logs | Debian 7+ |
| HP-UX | Syslog Operation Logs | 11i v3 |
| Ubuntu | Syslog Operation Logs | 8+ |
| SUSE | Syslog Operation Logs | 12+ |
| Solaris | Syslog Operation Logs | 6.5+ |
| IBM AIX | Syslog Operation Logs | 7.1+ |
| Applications-Business | | |
| TMG | log files | 2010+ |
| ISA Server | log files | 2006+ |
| GitLab | log files | GitLab 11.7 |
| e-mailing | | |
| Microsoft Exchange | Exchange Tracking Log | 2010+ |
| Postfix | Syslog Operation Logs | 2.5.6+ |
| Dovecot | Syslog Operation Logs | 2.2+ |
| web servers | | |
| Microsoft IIS | log files | 6+ |
| Apache | Syslog Operation Logs | 2.4+ |
| nginx | Syslog Operation Logs | 0.4+ |
| Apache Tomcat | Syslog Operation Logs | 8.0.53+ |
| Physical Security | | |
| Genetec | log files | 5+ |
| IAM | | |
| One Identity Safeguard | Syslog Operation Logs | 2.0+ |
| Anti-virus | | |
| Bitdefender GravityZone | Syslog Operation Logs | 5.1+ |
| McAfee | Syslog Operation Logs | 10+ |
| Amavis | Syslog Operation Logs | 2.8+ |
| Video analytics modules | | |
| NEC NeoFace | DB Query | All versions |
| Custom security applications | | |
| Change Auditor | WMI Query | 5.9 |
| Data Loss Prevention (DLP) | | |
| Symantec | Syslog Operation Logs | 14.5+ |
| Vulnerability Management Solutions | | |
| Nessus | Syslog Operation Logs | v6+ |
| Netwrix | Syslog Operation Logs | 9+ |
| Lastline | Syslog Operation Logs | All versions |
| Nexpose | Syslog Operation Logs | All versions |
| CRM, ERP | | |
| custom applications | Syslog, log files etc. | Custom development |
| SIEMs | | |
| AlienVault | Syslog format CEF | 5.2.2+ |
| ArcSight | Syslog format CEF | 6.11+ |
| IBM QRadar | Syslog format CEF | 7.2.8+ |
| LogRhythm | Syslog format CEF | 7.2+ |
| Quest InTrust | Syslog format CEF | 9.7+ |
| McAfee Enterprise Security | Syslog format CEF | 10.1.2+ |
| Splunk | Syslog format CEF | 6.5+ |
| Other appliances | | |
| hypervisors | | Custom development |
| VMware | Syslog | 5.5+ |
| Hyper-V | WMI | 2008+ |
| UTM (Unified Threat Management) | | |
| Sophos | Syslog Operation Logs | 9.358+ |
| Palo Alto Networks Introduces Cortex | API | |
| Cloud | | |
| AWS CloudTrail | API | |
| Microsoft® Azure Log Analytics | Syslog | |