Security Data

The InsightOps Collector supports the following data sources, grouped by security data category:

Active Directory

  • Microsoft Active Directory Security Logs

Advanced Malware

  • FireEye NX

Cloud Service

  • AWS CloudTrail
  • Box.com
  • Duo Security
  • Google Apps
  • Office 365
  • Okta
  • Salesforce

Database Audit Logs

  • Microsoft SQL Server

DNS

  • dnsmasqDNS
  • ISC Bind9
  • Microsoft DNS
  • MikroTik
  • PowerDNS

DHCP

  • Alcatel-Lucent VitalQIP
  • BlueCat
  • Cisco IOS
  • Cisco Meraki
  • dnsmasqDHCP
  • Infoblox Trinzic
  • ISC dhcpd
  • Microsoft DHCP
  • MikroTik DHCP Server
  • Sophos UTM

Email & ActiveSync

  • Microsoft Exchange Plugin
  • Microsoft ActiveSync & Outlook Web Access

Firewall

  • Barracuda NG
  • Check Point
  • Cisco ASA
  • Cisco Meraki
  • Clavister W20
  • Fortinet FortiGate
  • Juniper Netscreen
  • Juniper Junos OS
  • Palo Alto Networks Firewall
  • pfSense Firewall
  • SonicWALL (including the SonicWALL CSV-delimited format)
  • Sophos Firewall
  • Stonesoft Firewall
  • WatchGuard XTM (including the CSV-delimited format)

Generic Windows Event Log

  • Rapid7 Generic Windows Event Log

IDS

  • Corero IPS
  • Dell iSensor
  • HP TippingPoint
  • McAfee IDS
  • Metaflows IDS
  • Security Onion
  • Snort
  • Sourcefire 3D

Virus Scan

  • Cylance Protect
  • ESET Antivirus
  • McAfee ePO
  • Sophos Enduser Protection
  • Symantec Endpoint Protection
  • Trend Micro OfficeScan
  • Trend Micro Control Manager

VPN

  • Barracuda SSL
  • Cisco ASA
  • F5 Networks FirePass
  • Microsoft IAS (RADIUS)
  • Microsoft Network Policy Server
  • Microsoft Remote Web Access
  • MobilityGuard OneGate
  • Netscaler VPN
  • OpenVPN
  • Pulse Connect Secure
  • VMware Horizon