Search Results
204 total results found
GitHub
Introduction The GitHub integration collects events from the GitHub API. https://docs.github.com/en/rest?apiVersion=2022-11-28 Logs Audit The GitHub audit log records all events related to the GitHub organization. To use this integratio...
Sysmon for Linux
Introduction The Sysmon for Linux integration allows you to monitor Sysmon for Linux, an open-source system monitor tool developed to collect security events from Linux environments. Use the Sysmon for Linux integration to collect logs from li...
1Password Integrations
Introduction With 1Password Business, you can send your account activity to your security information and event management (SIEM) system, using the 1Password Events API. Get reports about 1Password activity, such as sign-in attempts and item usage, while y...
Add Windows Integrations
Introduction The Windows integration allows you to monitor the Windows OS, services, applications, and more. https://docs.microsoft.com/ Use the Windows integration to collect metrics and logs from your machine. Then visualize that data i...
Atlassian Bitbucket Integrations
Introduction The Bitbucket integration collects audit logs from the audit log files or the audit API. Reference: https://developer.atlassian.com/server/bitbucket/reference/rest-api/ Assumptions The procedures described in Section 3 assume tha...
AWS CloudTrail Integrations
Introduction The AWS CloudTrail integration allows you to monitor AWS CloudTrail. Reference: https://aws.amazon.com/cloudtrail/ Use the AWS CloudTrail integration to collect and parse logs related to account activity across your AWS infrastructure. Then ...
AWS GuardDuty Integrations
Introduction The Amazon GuardDuty integration collects and parses data from Amazon GuardDuty Findings REST APIs. The Amazon GuardDuty integration can be used in three different modes to collect data: HTTP REST API - Amazon GuardDuty pushes logs d...
AWS Security Hub Integrations
Introduction The AWS Security Hub integration collects and parses data from AWS Security Hub REST APIs. Assumptions The procedures described in Section 3 assume that a Log Collector has already been set up. Compatibility This module ...
AWS Integrations
Introduction This document shows information related to the AWS Integration. The AWS integration is used to fetch logs and metrics from Amazon Web Services. It collects metrics and logs across many AWS services managed by ...
Cisco Meraki Integrations
Introduction Cisco Meraki offers a centralized cloud management platform for all Meraki devices such as MX Security Appliances, MR Access Points and so on. Its out-of-band cloud architecture creates secure, scalable, and easy-to-deploy networks that can be m...
Cisco Secure Endpoint Integrations
Introduction Secure Endpoint offers cloud-delivered, advanced endpoint detection and response across multidomain control points to rapidly detect, contain, and remediate advanced threats. Assumptions The procedures described in Section 3 assume tha...
Cisco Umbrella Integrations
Introduction Cisco Umbrella is a cloud security platform that provides an additional line of defense against malicious software and threats on the internet by using threat intelligence. That intelligence helps prevent adware, malware, botnets, phishing attac...
Cloudflare Integration
Introduction The Cloudflare integration uses Cloudflare's API to retrieve audit logs and traffic logs from Cloudflare, for a particular zone, and ingest them into Elasticsearch. This allows you to search, observe and visualize the Cloudflare log events through E...
CrowdStrike Integrations
Introduction This integration is for CrowdStrike products. It includes the following datasets for receiving logs: the falcon dataset consists of endpoint data and Falcon platform audit data forwarded from the Falcon SIEM Connector; the fdr dataset consists of logs f...
Dropbox Integrations
Introduction Connecting Dropbox Use the Workplace Search Dropbox connector to automatically capture, sync and index the following items from your Dropbox service: Stored Files Including ID, File Metadata, File Content, Updated by, and timestamps. Dro...
F5 Integrations
Introduction This document shows information related to the F5 Integration. The F5 BIG-IP integration allows users to monitor LTM, AFM, APM, ASM, and AVR activity. F5 BIG-IP covers software and hardware designed around application availability, access control...
Fortinet FortiGate Integrations
Introduction This integration is for Fortinet FortiGate logs sent in the syslog format. Prerequisite: Configure syslog on FortiGate. From the GUI: Log into FortiGate. Select Log & Report to expand the menu. Select Log Settings. Toggle Send ...
GCP Integrations
Introduction This document shows information related to the GCP Integration. The Google Cloud integration collects and parses Google Cloud Audit Logs, VPC Flow Logs, Firewall Rules Logs and Cloud DNS Logs that have been exported from Cloud Logging to a Google...
GitLab Integrations
Introduction Introduced in GitLab Starter 8.4. Support for Amazon Elasticsearch was introduced in GitLab Starter 9.0. This document describes how to set up Elasticsearch with GitLab. Once enabled, you'll have the benefit of fast search response times and t...
Google Workspace Integrations
Introduction Google Workspace (formerly G Suite) is a suite of cloud computing, productivity and collaboration tools, software and products developed and marketed by Google. It allows users to create, edit, and share documents, spreadsheets, presentations, a...