Products with Log Mappings

This topic lists products and services, organized by vendor, for which CSE provides built-in log mapping and parsing support. 

Adaxes

• Adaxes

Akamai

• Web Application Firewall

Alibaba

• ActionTrail

AlphaSOC

• Network Flight Recorder

Amazon AWS

• API Gateway
• AWS S3 Server Access Logs
• Application Load Balancer
• CloudFront
• CloudTrail
• CloudWatch
• Config
• Elastic Load Balancer
• GuardDuty
• Inspector
• Network Firewall
• Route53
• Security Hub
• Trusted Advisor
• VpcFlowLogs
• Web Application Firewall (WAF)

Aqua

• Aqua

Atlassian

• Jira

Auth0

• Auth0

Bandura

• Threat Intelligence Gateway

Barracuda

• Web Application Firewall

BlackBerry

• Workspace

BlueCat

• DHCP
• DNS

Box

• Box

Bro

• Bro

Carbon Black

• Defense
• Protect
• Response

CheckPoint

• Firewall and VPN
• IPS

Cisco Systems

• ASA
• Advanced Malware Protection (AMP)
• AnyConnect
• Firepower
• Identity Services Engine
• Identity Services Engine
• Ironport
• Meraki
• Router and Switch IOS
• Secure Access Control Server (ACS)
• Stealthwatch
• Umbrella

Citrix

• ADC
• Hypervisor

Cloudflare

• Logpush

Code42

• Code42

CrowdStrike

• FDR
• Falcon

Cyber-Ark

• Enterprise Password Vault

Cylance

• Protect

Darktrace

• Darktrace

Datto

• SIRIS 3 Professional
• SIRIS 4 Enterprise

Dell

• Firewall

Demisto

• Demisto Enterprise

Digital Guardian

• EDR

Docker

• Docker

Duo Security

• Multi-Factor Authentication (MFA)

ESET

• ESET

Endgame

• Endgame
• Detection

Exabeam

• Security Management Platform (SMP)

Extrahop

• Reveal(x)

F5

• F5

Falco

• Falco

FireEye

• Central Management System
• Endpoint Security

Forcepoint

• Web Security

Fortinet

• Fortigate

Gigamon

• ThreatInsight

Github

• Github

Google

• G Suite
• Google Cloud Platform
• Security Command Center

HP

• Aruba ClearPass
• Aruba Mobility Master
• Aruba Networking
• vSentry

Huawei

• Huawei

IBM

• Guardium
• WebSEAL Reverse Proxy
• WebSphere DataPower SOA Appliances

ISC

• Bind

Illumio

• Adaptive Security Platform

Imperva

• Imperva Incapsula
• SecureSphere

Infoblox

• DDI
• Network Identity Operating System

Intersect Alliance

• Snare Enterprise Agent for Windows

Juniper

• SRX Series Firewall

KasperskyLab

• SecurityCenter

Kubernetes

• Kubernetes

Lacework

• Lacework

Laravel

• Laravel

Linux

• Auditd
• Linux OS Syslog
• Messages
• Vault

Malwarebytes

• Malwarebytes Endpoint Protection

ManageEngine

• adauditplus

McAfee

• Avecto Defendpoint
• BeyondTrust Privilege Management
• Data Loss Prevention
• Drive Encryption
• Endpoint Security
• Endpoint Upgrade Assistant
• McAfee Agent
• McAfee Host Intrusion Prevention
• McAfee Management of Native Encryption
• Mvision-Cloud Access Security Broker
• Network Security
• Solidifier
• System Prep Tool
• VirusScan Enterprise
• VirusScan Enterprise for Storage
• Web Gateway
• ePolicy Orchestrator

Micro Focus

• Console
• SOA
• Voltage SecureData Enterprise

Microsoft

• Advanced Threat Analytics
• Azure
• Cloud App Security
• Graph Identity Protection API
• Graph Security API
• Office 365
• Windows
• Windows Firewall Management

Mimecast

• Mimecast

NMS

• NMS

Netskope

• Security Cloud

OAuth

• OAuth

OISF

• Suricata IDS

ObserveIT

• ObserveIT

Okta

• Single Sign-On

OneLogin

• OneLogin Single Sign-On

OpenSSH

• sshd

Ossec

• Ossec Server

Palo Alto Networks

• Cortex XDR
• GlobalProtect
• Next Generation Firewall
• Traps

PassiveDns

• PassiveDns

PingIdentity

• PingFederate

PreemptSecurity

• PBF

Pritunl

• Pritunl

Proofpoint

• Proofpoint on Demand
• Targeted Attack Protection

Pulse

• Secure Appliance

Qualys

• VMScan

RSA

• SecurID Runtime
• SecurID SinglePoint

Redlock

• Redlock

Ruckus

• ZoneDirector

SSLVPN

• SSLVPN

Salesforce

• Salesforce

SecureAuth

• IdP

SentinelOne

• SentinelOne

Sequr

• Access Control

Shibboleth

• Identity Provider

Signal Sciences

• Web Application Firewall

Slack

• Slack

Sophos

• Central
• Endpoint
• UTM 9

Squid

• Squid Proxy

Sumo Logic

• Scheduled Searches

Symantec

• Data Loss Prevention
• Endpoint Protection
• Proxy Secure Gateway
• Web Security Service

Tanium

• Tanium Core

Tenable

• Cloud API

Thycotic Software

• Secret Server

Trend Micro

• Apex Central
• Control Manager
• Deep Security
• Vision One

Twistlock

• Twistlock

VMware

• ESX
• Horizon

Varonis

• DatAdvantage

Vectra

• Cognito

WatchGuard

• WatchGuard

Workday

• Workday

Zscaler

• Firewall
• Nanolog Streaming Service
• ZPA Log Streaming Service