Integrations And Data Sources

Integrations overview

LogSentinel SIEM can collect data from everywhere. The lists below include only the most popular vendors and products, but because of the flexibility of our collector, we can collect anything that generates logs:

  • Syslog in any variation (RFC 3164, RFC 5424; CEF, LEEF)

  • IPFIX/NetFlow

  • Text files in any variation (comma-separated, tab-separated, fixed-length columns, access log format, Linux audit log, JSON, XML) accessed in any fashion (SSH, shared drives, local)

  • Windows logs

  • Database tables in any RDBMS and any structure

  • Database-native audit logs for major vendors

  • Cloud services with RESTful APIs

Cloud integrations

Source type

Sources

Infrastructure-as-a-Service (IaaS)
  • Amazon Web Services (AWS)
  • Microsoft Azure
  • Google Cloud Platform


Identity and access management (IAM)
  • Okta
  • Azure AD
  • Centrify
  • OneLogin
  • Ping
Office and Cloud Storage
  • Microsoft 365 / Office 365 / OneDrive
  • Google Workspace (G Suite) / Google Drive
  • Dropbox
  • Box.com
General Software-as-a-Service (SaaS)
  • Salesforce
  • HubSpot
  • Workday
  • Slack
  • ServiceNow
  • Atlassian products
  • Zendesk
  • Mailchimp
Web conferencing
  • Zoom
  • WebEx
  • Google Meet
  • Microsoft Teams
Other
  • Any other cloud service exposing a RESTful API

On-premise integrations

Source type

Sources

Databases

  • Oracle
  • Microsoft SQL Server
  • MySQL
  • PostgreSQL

Firewalls

  • Barracuda
  • Cisco
  • Fortinet
  • Forcepoint
  • GlassWire
  • Juniper
  • Palo Alto
  • pfSense
  • Sophos
  • SonicWall
  • WatchGuard
  • Zscaler

Endpoint protection / antivirus

  • Avast
  • Bitdefender
  • Carbon Black
  • Cisco AMP
  • CrowdStrike
  • ESET
  • F-Secure
  • FireEye Endpoint Security
  • Kaspersky
  • Malwarebytes
  • McAfee
  • SentinelOne
  • Sophos
  • Symantec
  • Trend Micro

Web servers

  • Apache
  • Nginx
  • Internet Information Services
  • Apache Tomcat
  • Jetty
  • GlassFish

VPN

  • Barracuda
  • Cisco
  • Citrix
  • OpenVPN
  • F5 Networks
  • Fortinet
  • SonicWall
  • Juniper Pulse

Identity and access management (IAM)

  • OpenAM
  • Keycloak
  • Shibboleth IdP
  • CAS
  • Centrify
  • Ping
  • RSA SecurID Access

Cloud access security broker (CASB)

  • Bitglass
  • Forcepoint
  • Imperva
  • Netskope
  • Symantec

Misc

  • Active Directory
  • Microsoft Exchange
  • Microsoft Dynamics
  • Microsoft SharePoint
  • SAP
  • ERP
  • Epic
  • Kubernetes

Other

Any other application or service that writes a log to syslog, a text file, a database or the Windows log, or exposes it through a RESTful API

Interested in a SIEM Solution that combines log management, behavior analytics (UEBA), threat detection, and incident response into a complete security monitoring platform? Talk to us today!