System Integrations

Go to > Cyber Incident Monitoring

Microsoft Office 365 integration currently supports user, admin, system, and policy actions...

Introduction  The GitHub integration collects events from the GitHub API.  https://docs.g...

Introduction  The Windows integration allows you to monitor the Windows OS, services, applicatio...

Introduction  The Sysmon for Linux integration allows you to monitor the Sysmon for Linux, which...

Introduction  With 1Password Business, you can send your account activity to your security infor...

Introduction  The Bitbucket integration collects audit logs from the audit log files or the audi...

Introduction  The AWS CloudTrail integration allows you to monitor AWS CloudTrail  Reference: h...

Introduction  The Amazon GuardDuty integration collects and parses data from Amazon GuardDuty Fi...

Introduction  The AWS Security Hub integration collects and parses data from AWS Security Hub RE...

Introduction  This document shows information related to AWS Integration.   The AWS integration...

Introduction  Cisco Meraki offers a centralized cloud management platform for all Meraki devices...

Introduction  Secure Endpoint offers cloud-delivered, advanced endpoint detection and response a...

Introduction  Cisco Umbrella is a cloud security platform that provides an additional line of de...

Introduction  Cloudflare integration uses Cloudflare's API to retrieve audit logs and traffic lo...

Introduction  This integration is for CrowdStrike products. It includes the following datasets f...

Introduction  Connecting Dropbox  Use the Workplace Search Dropbox connector to automatically c...

Introduction  This document shows information related to F5 Integration.   The F5 BIG-IP integr...

Introduction  This integration is for Fortinet FortiGate logs sent in the syslog format.  Pre...

Introduction  This document shows information related to GCP Integration.   The Google Cloud in...

Introduction  Introduced in GitLab Starter 8.4. Support for Amazon Elasticsearch was introduced ...

Introduction  Google Workspace (formerly G Suite) is a suite of cloud computing, productivity an...

Introduction  The JumpCloud integration allows you to monitor events related to the JumpCloud Di...

Introduction  The Mimecast integration collects events from the Mimecast API.  Assumpti...

Introduction  This integration is used to fetch logs and metrics from MongoDB.  Assumpt...

Introduction  The Okta integration collects events from the Okta API, specifically reading from ...

Introduction  This integration is for Pulse Connect Secure.  https://www.ivanti.com/pro...

Introduction  Slack is used by numerous organizations as their primary chat and collaboration to...

Introduction  The System integration allows you to monitor servers, personal computers, and more...

Remote File Copy via TeamViewer   Identifies an executable or script file remotely downloaded vi...

Introduction  This integration is for Zscaler Internet Access logs. It can be used to receive lo...

Google Cloud Platform Elastic Agent Version 2.33.2 Agent ...

This integration periodically fetches logs and metrics from vSphere vCenter servers.   Compatibi...

The SentinelOne integration collects and parses data from SentinelOne REST APIs. This integration...

Custom Windows Event Logs Collect and parse logs from any Windows event log channel with Elastic...

Introduction Windows Event Forwarding (WEF) allows the collection of event logs from multiple Wi...

Overview This PowerShell script forwards Windows event logs to a Linux server using the syslog p...

Overview The Sophos Central integration allows you to monitor Alerts and Events logs. Sophos Cen...

Introduction  The Bitbucket integration collects audit logs from the audit log files or the audi...

Palo Alto Cortex XDR Integration Using the Cortex XDR APIs, you can integrate Cortex XDR with th...

Introduction  Elastic Stack security features can be configured to authenticate users through Ac...

The Microsoft SQL Server integration package allows you to search, observe, and visualize the SQL...

Introduction This document shows information related to Azure Active Directory Integration.The A...

ESET PROTECT allows you to efficiently manage ESET products across workstations and servers withi...

ESET Threat Intelligence provides advanced, real-time insights into global cybersecurity threats,...

This manual explains how to get started monitoring the security posture of your Azure CSP using t...

The Azure Resource Manager (ARM) endpoint is the primary entry point for interacting with the Azu...

The Cisco Email Security Appliance (ESA) integration is a comprehensive solution for managing and...

Overview The Cisco Nexus integration allows users to monitor Errors and System Messages. The Cis...

BitDefender GravityZone supports SIEM integration using "push notifications", which are JSON mess...

Overview The Bitwarden integration allows users to monitor collections, events, groups, members ...

Introduction This guide will walk you through setting up Rsyslog for log forwarding between a cl...

# Define the syslog server IP address and port$syslogServerIP = "192.168.20.24"  # Replace with y...