Products
Insight Platform Solutions
XDR & SIEM
INSIGHTIDR
Threat Intelligence
THREAT COMMAND
Vulnerability Management
INSIGHTVM
Dynamic Application Security Testing
INSIGHTAPPSEC
Orchestration & Automation (SOAR)
INSIGHTCONNECT
Cloud Security
INSIGHTCLOUDSEC
More Solutions
Penetration Testing
METASPLOIT
On-Prem Vulnerability Management
NEXPOSE
Application Monitoring & Protection
TCELL
Digital Forensics and Incident Response (DFIR)
Velociraptor
Insight Platform
Free Trial
Services
MANAGED SERVICES
Detection and Response
24/7 MONITORING & REMEDIATION FROM MDR EXPERTS
Vulnerability Management
PERFECTLY OPTIMIZED RISK ASSESSMENT
Application Security
SCAN MANAGEMENT & VULNERABILITY VALIDATION
OTHER SERVICES
Security Advisory Services
PLAN, BUILD, & PRIORITIZE SECURITY INITIATIVES
Product Consulting
QUICK-START & CONFIGURATION
Training & Certification
SKILLS & ADVANCEMENT
Penetration Services
TEST YOUR DEFENSES IN REAL-TIME
IoT Security Testing
SECURE EVERYTHING CONNECTED TO A CONNECTED WORLD
Premium Support
PRIORITY HELP & FASTER SOLUTIONS
Support & Resources
SUPPORT
Support Portal
CONTACT CUSTOMER SUPPORT
Product Documentation
EXPLORE PRODUCT GUIDES
Release Notes
DISCOVER THE LATEST PRODUCT UPDATES
Contact Us
TALK TO SALES
RESOURCES
Fundamentals
FOUNDATIONAL SECURITY KNOWLEDGE
Blog
THE LATEST INDUSTRY NEWS AND SECURITY EXPERTISE
Resources Library
E-BOOKS, WHITE PAPERS, VIDEOS & BRIEFS
Extensions Library
PLUGINS, INTEGRATIONS & DEVELOPER COMMUNITY
Partners
RAPID7 PARTNER ECOSYSTEM
Webcasts & Events
UPCOMING OPPORTUNITIES TO CONNECT WITH US
Vulnerability & Exploit Database
SEARCH THE LATEST SECURITY RESEARCH
Company
OVERVIEW
About Us
OUR STORY
Leadership
EXECUTIVE TEAM & BOARD
News & Press Releases
THE LATEST FROM OUR NEWSROOM
Careers
JOIN RAPID7
COMMUNITY & CULTURE
Social Good
OUR COMMITMENT & APPROACH
Rapid7 Cybersecurity Foundation
BUILDING THE FUTURE
Diversity, Equity & Inclusion
EMPOWERING PEOPLE
Open Source
STRENGTHENING CYBERSECURITY
Public Policy
ENGAGEMENT & ADVOCACY
Research
Sign In
Documentation
InsightOps
AppSpider
Insight Agent
InsightAppSec
InsightCloudSec
InsightConnect
Insight Platform
InsightIDR
Insight Network Sensor
InsightOps
InsightVM
Metasploit
Nexpose
tCell
Managed Services
Products
Insight Platform Solutions
XDR & SIEM
INSIGHTIDR
Threat Intelligence
THREAT COMMAND
Vulnerability Management
INSIGHTVM
Dynamic Application Security Testing
INSIGHTAPPSEC
Orchestration & Automation (SOAR)
INSIGHTCONNECT
Cloud Security
INSIGHTCLOUDSEC
More Solutions
Penetration Testing
METASPLOIT
On-Prem Vulnerability Management
NEXPOSE
Application Monitoring & Protection
TCELL
Digital Forensics and Incident Response (DFIR)
Velociraptor
Insight Platform
Free Trial
Services
MANAGED SERVICES
Detection and Response
24/7 MONITORING & REMEDIATION FROM MDR EXPERTS
Vulnerability Management
PERFECTLY OPTIMIZED RISK ASSESSMENT
Application Security
SCAN MANAGEMENT & VULNERABILITY VALIDATION
OTHER SERVICES
Security Advisory Services
PLAN, BUILD, & PRIORITIZE SECURITY INITIATIVES
Product Consulting
QUICK-START & CONFIGURATION
Training & Certification
SKILLS & ADVANCEMENT
Penetration Services
TEST YOUR DEFENSES IN REAL-TIME
IoT Security Testing
SECURE EVERYTHING CONNECTED TO A CONNECTED WORLD
Premium Support
PRIORITY HELP & FASTER SOLUTIONS
Support & Resources
SUPPORT
Support Portal
CONTACT CUSTOMER SUPPORT
Product Documentation
EXPLORE PRODUCT GUIDES
Release Notes
DISCOVER THE LATEST PRODUCT UPDATES
Contact Us
TALK TO SALES
RESOURCES
Fundamentals
FOUNDATIONAL SECURITY KNOWLEDGE
Blog
THE LATEST INDUSTRY NEWS AND SECURITY EXPERTISE
Resources Library
E-BOOKS, WHITE PAPERS, VIDEOS & BRIEFS
Extensions Library
PLUGINS, INTEGRATIONS & DEVELOPER COMMUNITY
Partners
RAPID7 PARTNER ECOSYSTEM
Webcasts & Events
UPCOMING OPPORTUNITIES TO CONNECT WITH US
Vulnerability & Exploit Database
SEARCH THE LATEST SECURITY RESEARCH
Company
OVERVIEW
About Us
OUR STORY
Leadership
EXECUTIVE TEAM & BOARD
News & Press Releases
THE LATEST FROM OUR NEWSROOM
Careers
JOIN RAPID7
COMMUNITY & CULTURE
Social Good
OUR COMMITMENT & APPROACH
Rapid7 Cybersecurity Foundation
BUILDING THE FUTURE
Diversity, Equity & Inclusion
EMPOWERING PEOPLE
Open Source
STRENGTHENING CYBERSECURITY
Public Policy
ENGAGEMENT & ADVOCACY
Research
Sign In
Documentation
InsightOps
AppSpider
Insight Agent
InsightAppSec
InsightCloudSec
InsightConnect
Insight Platform
InsightIDR
Insight Network Sensor
InsightOps
InsightVM
Metasploit
Nexpose
tCell
Managed Services
Release Notes
Docs Menu
Welcome
InsightOps Overview
Quick Start Guide
Set up the Insight Agent
Search Your Data
Create Tags and Alerts
Create Dashboards and Reports
InsightOps Homepage
Resources and Help
InsightOps and the Insight Platform
Log Search
Using Log Search
Visual Search
Advanced and Simple Search
Live Tail & Aggregate Tail
Entry Inspector
Time Range
Analytic Packs
Building Queries
Regular Expression
JSON & KVP
Analytic Functions and Visualizations
Using Logical Operators in a Search Query
IP Search
Structures
Apache & Nginx Structure
JSON Structure
Syslog Structure
Loose Search
Graphing
Reports
Dashboards
Alerts
Alerts Overview
Inactivity Detection Alert
Pattern Detection Alerts
Change Detection Alerts
Alert Settings
Third Party Integrations
Data Collection
Data Collection Overview
Insight Agent
Syslog
The Collector
Collector Setup
Collector Troubleshooting
What are Data Sources?
Application Logging Libraries
Transport Methods
Security Data
System Data
Setting Up DataHub
Adding Data Structures
Agent logging
Using Insight Agent to send log data
NXLog
Syslog
Syslogd
Syslog-ng
Rsyslog
Rsyslog Deployment via Chef
Application Logging libraries
Log4Net
Nlog
Log4j & Log4j2
Java Util
Logback
Docker
Javascript/HTML5
NodeJS
Python
Ruby
Cloud Services
Amazon: Logging from EC2
Amazon: S3 via Lambda
Heroku drains
Direct Connections
Token TCP
Plain TCP/UDP
HTTP POST
Collector Data Sources
Active Directory
Advanced Malware
AWS Cloud Trail
Box.com
Office 365
Duo Security
Google Apps
Okta
Salesforce
Syslog
Database Audit Logs
Cisco Umbrella
DNS
Cisco IOS
InfoBlox Trinzic
Cisco Meraki
OWA/ActiveSync
Barracuda
Fortinet Firewall
WatchGuard XTM
Cisco ASA
Generic Windows Event Log
McAfee IDS
Snort
Security Onion
Sourcefire 3D (Cisco FirePower)
Cylance Protect
McAfee ePO
Symantec Endpoint Protection
Trend Micro OfficeScan
Sophos Enduser Protection
NetScaler VPN
OpenVPN
Pulse Connect Secure
Integrations
AWS CloudTrail Integration
Applicaton Logging
Pixel Tracker
REST API
REST API Overview
Query API
Saved Queries
Tags
Labels
GET Label
GET Labels
Logs
GET Log
GET Logs
PUT Log
POST Log
DELETE Log
Logsets
GET Logsets
GET Logset
PUT logset
POST logset
DELETE logset
Download Log
Usage
GET Account Usage
GET Log Usage
GET Logs Usage
API Keys
GET API key
Settings
User Management
Credential Settings
MFA Settings
S3 Archiving
Timestamps
Release Notes
InsightOps release notes
Support
Contact the Rapid7 Support team
Share an idea with Rapid7
Welcome
InsightOps Overview
Quick Start Guide
Set up the Insight Agent
Search Your Data
Create Tags and Alerts
Create Dashboards and Reports
InsightOps Homepage
Resources and Help
InsightOps and the Insight Platform
Log Search
Using Log Search
Visual Search
Advanced and Simple Search
Live Tail & Aggregate Tail
Entry Inspector
Time Range
Analytic Packs
Building Queries
Regular Expression
JSON & KVP
Analytic Functions and Visualizations
Using Logical Operators in a Search Query
IP Search
Structures
Apache & Nginx Structure
JSON Structure
Syslog Structure
Loose Search
Graphing
Reports
Dashboards
Alerts
Alerts Overview
Inactivity Detection Alert
Pattern Detection Alerts
Change Detection Alerts
Alert Settings
Third Party Integrations
Data Collection
Data Collection Overview
Insight Agent
Syslog
The Collector
Collector Setup
Collector Troubleshooting
What are Data Sources?
Application Logging Libraries
Transport Methods
Security Data
System Data
Setting Up DataHub
Adding Data Structures
Agent logging
Using Insight Agent to send log data
NXLog
Syslog
Syslogd
Syslog-ng
Rsyslog
Rsyslog Deployment via Chef
Application Logging libraries
Log4Net
Nlog
Log4j & Log4j2
Java Util
Logback
Docker
Javascript/HTML5
NodeJS
Python
Ruby
Cloud Services
Amazon: Logging from EC2
Amazon: S3 via Lambda
Heroku drains
Direct Connections
Token TCP
Plain TCP/UDP
HTTP POST
Collector Data Sources
Active Directory
Advanced Malware
AWS Cloud Trail
Box.com
Office 365
Duo Security
Google Apps
Okta
Salesforce
Syslog
Database Audit Logs
Cisco Umbrella
DNS
Cisco IOS
InfoBlox Trinzic
Cisco Meraki
OWA/ActiveSync
Barracuda
Fortinet Firewall
WatchGuard XTM
Cisco ASA
Generic Windows Event Log
McAfee IDS
Snort
Security Onion
Sourcefire 3D (Cisco FirePower)
Cylance Protect
McAfee ePO
Symantec Endpoint Protection
Trend Micro OfficeScan
Sophos Enduser Protection
NetScaler VPN
OpenVPN
Pulse Connect Secure
Integrations
AWS CloudTrail Integration
Applicaton Logging
Pixel Tracker
REST API
REST API Overview
Query API
Saved Queries
Tags
Labels
GET Label
GET Labels
Logs
GET Log
GET Logs
PUT Log
POST Log
DELETE Log
Logsets
GET Logsets
GET Logset
PUT logset
POST logset
DELETE logset
Download Log
Usage
GET Account Usage
GET Log Usage
GET Logs Usage
API Keys
GET API key
Settings
User Management
Credential Settings
MFA Settings
S3 Archiving
Timestamps
Release Notes
InsightOps release notes
Support
Contact the Rapid7 Support team
Share an idea with Rapid7
Syslog
Learn how to configure Syslog for InsightOps to ingest:
Syslogd
Syslog-ng
Rsyslog
Rsyslog Deployment via Chef
Did this page help you?
Yes
No
Adding Data Structures
NXLog
Adding Data Structures
Syslogd