Supported Log Source

LogPoint parses and analyzes logs from hundreds of integrations. This Supported Log Source guide lists the integrations LogPoint supports.

Note

We are continuously adding more SIEM log sources based on customer needs. Please contact the LogPoint Support team if you don’t see what you need in the list below.

List of Supported Log Sources

The following table lists each supported application together with the devices and versions LogPoint supports for it:

Application

Supported Devices/Supported Versions

A10 Networks

  • A10 Thunder Server 2.7.2

  • A10 Thunder Series and AX Series

  • A10 Web Application Firewall

Activtrak

Activtrak 4.3.x.x

AgileSI

AgileSI v2.x.x

AIX

AIX 7.x

Apache HTTP Server

  • Apache HTTP Server v2.x (Common Log Format)

  • Apache Tomcat v7, v8

  • Apache Web Servers

Arbor Networks

  • Arbor Pravail APS

  • Arbor Network APS Version 5.9

Aruba

  • ArubaOS

  • Aruba ClearPass

Ascom UCM

Ascom Unite Connectivity Manager (Unite CM)

Asterisk

Asterisk v1.8.7

Artica Proxy

Artica Proxy version 3.x

Avaya NAC

Avaya NAC

Balabit

Balabit Shell Control Box 5.0.2

Barracuda

  • Barracuda Web Application Firewall v7.x, v8.x

  • Barracuda Web Application Firewall CEF

  • Barracuda Spam & Virus Firewall v4.x

  • Barracuda NG Firewall v6.x, v7.x

  • Barracuda Web Security Gateway v6.x

Beyond Trust

  • Bomgar Remote Support v16.2.1

  • Privileged Access Management

  • PowerBroker Insight Version v6.4.7.118

BIG-IP

  • BIG-IP v11.x.x

  • BIG-IP v12.x.x

  • BIG-IP v13.x.x

BitDefender

  • BitDefender GravityZone 5.1.21-460

  • BitDefender Endpoint Security 5.3.20-6642

Bintec Router

Router RS353JV

Blue Coat

Access Logs for BlueCoat SG/BlueCoat SG Proxy - SGOS 6.5.2.1

BoxAudit

Boxaudit

BRO IDS

Bro IDS 2.5.x

Broadcom

CA Privileged Access Manager v2.8

Brocade

  • Fabric OS v8.x, v7.x, v7.4.1b

  • Brocade 300

  • Brocade 5100

  • Brocade 5480

  • Brocade 6510 (HPE SN6000B)

  • Brocade SAN FC Platforms

Carbon Black

Bit9 Security System v6.x

CAS Server

CAS-server v3.51

Centrify

Centrify Server Suite 2017

CheckPoint Firewall

Check Point Firewall version r80.10 and later

CiscoAMP

CiscoAMP

Cisco

  • Cisco 2500 Series Wireless Controller

  • Cisco VPN 3000 Concentrator

  • Cisco 5500 Series Wireless Controller

  • Cisco 6506 E Switch

  • Cisco Nexus 5548 - Cisco Nexus 5548 DC switch, NX OS Software Release 5.0(3)N2(1)

  • Cisco Catalyst 35XX series – Cisco Catalyst 35XX, 29XX series

  • Cisco Iron Port Email Security-II - Cisco Iron Port Email Security

  • Cisco IronPort Email Security - Cisco Iron Port Email Security

  • Cisco ACS - Cisco ACS Version acs-5.4.0.46-B.221

  • Cisco MSE - Cisco Mobility Services Engine

  • Cisco ISE - Cisco ISE 1.2.0.899

  • Cisco Prime - Cisco Prime Infrastructure version 1.3

  • Cisco ACE - Cisco ACE 4700 Series Application Control Engine Appliance

  • Cisco TACACS

  • Cisco FWSM - Cisco Catalyst 65XX series

  • Cisco Meraki MR18

  • Cisco VSG CEF, Cisco VSG 4.2(1)VSG2(1.1)

  • Cisco PIX/ASA

  • Cisco IOS/CatOS

  • Cisco VSG

  • Cisco FirePower

  • Cisco SourceFire IDS/IPS

Cisco Umbrella

Cisco Umbrella AWS S3 buckets

Citrix

  • NetScaler v12.x, v11.x, v10.x

  • Citrix Access Gateway

Clavister CorePlus

Clavister Coreplus v9.x

ClearSwift

Clearswift SEG v4.x, v3.x

Cloudtrail

AWS Cloudtrail

Cloudwatch

AWS CloudWatch

Couchbase

Couchbase Enterprise Edition 5.5.3

CSVNormalizer

CSVNormalizer for any valid CSV logs.

CyberArk

  • Cyberark v8.x & v9.x

  • CyberArk EPV (CEF)

  • CyberArk PTA (CEF)

  • CyberArk EPM

Cyberlytics

Cyberlytics CTP, all versions

Cylance

  • All versions of CylancePROTECT

  • Cylance Optics v2.0

  • Cylance EPO

DarkTrace

DarkTrace

Dell

  • Dell OpenManage v7.x, v8.x

  • Dell Power Connect 6224,6248 Switches

  • Dell Force 10 Series Switches

DirectAccess

Microsoft DirectAccess

DNS Analytics

  • CSIS Secure DNS

  • SecureDNS

  • DNS BIND

Dovecot

Dovecot

Draytek Vigor 3300V Firewall

Draytek Vigor 3300V Firewall

Dropbear

Dropbear Server and Client

EnGenius

Engenius Wireless Access Points

ESET

ESET Server

EventHubs

Azure Eventhubs

Exim

Exim 4.89

Extreme Network

  • ExtremeXOS version 12.5.4.5

  • Extreme Networks Management Center v7.x, v8.x

EZ Proxy

EZproxy v5.x, v6.x

F5 ASM

F5 ASM

F5 Loadbalancer

F5 Loadbalancer

Fail2ban

Fail2ban v0.8

Faxmaker

GFI Faxmaker 6.x

Filezilla

Filezilla v3.x

FireEye

  • FireEye

  • FireEye CEF

  • FireEye CMS CEF

  • FireEye Web

First Class

OpenText FirstClass Server 16.0

ForeScout

  • ForeScout CounterACT v7.1

  • ForeScout Network Access Control

  • Generic package for ForeScout v7

FortiGate

  • FortiGate v4.x, v5.x, v6.x

  • Fortinet FortiGate NGFW & UTM

Free IPA

FreeIPA 3.3

Free Radius

Free Radius VPN, Server and WLAN

FSecure

  • Microsoft FSecure Gatekeeper v5.x

  • F-Secure v11 Web Access

  • FSecure Gatekeeper v5.x

  • F-Secure v11

FTP Package

Linux/Unix FTP

Genua Firewall

Genua Firewalls (Genugate)

HA Proxy

HA-Proxy v1.5.14

Halon Mail Security and Firewall Appliance

  • Halon Mail Security and Firewall Appliance

  • Halon Security Router

Hitachi NAS

Hitachi NAS 3090-G2 v12.2.3753.08

Honeyd

Honeyd v1.5

HP

  • HP Switch Procurve

  • HP Switch 5820 Series v5.20

  • HP Switch Generic

  • HP Nonstop

  • HP Switch 5700 and 5900 Series - HP Flex Fabric Switch 5700 and 5900

  • HP ProCurve Switch, HP 5820X-24XG-SFP+

IBM

  • Generic IBM IMM log format

  • IBM Iseries

  • IBM Z/OS Communications Server v2.01

  • IBM DB2 on z/OS

  • IBM DB2 on Linux, Unix, Windows

  • IBM Integrated Management Module (IMM) firmware version: 4.31

  • IBM RACF

  • IBM AS400 & IBM iSeries Platform Logs

IBoss

iBoss URL Filtering Appliance

Incapsula

Incapsula

InfoBlox

  • InfoBlox - Enterprise Network Infrastructure Automation Software and Hardware Provider

  • Infoblox DNS/DHCP Management

Integrity Scanner

Integrity Scanner

IP Switch

WS_FTP Server v7.6

JSON Normalizer

JSON Normalizer for any valid JSON logs

Juniper Firewall

  • JunOS

  • Juniper Secure Access

  • Juniper VGW

  • Juniper SSG140

  • Juniper Netscreen IDP

  • Juniper Secure Access WELF

  • JunOS SRX Firewall

  • Juniper MAG-2600: 8.0R7

  • Juniper ISG

Kaspersky

  • Kaspersky Antivirus

  • Kaspersky DB

  • Kaspersky Endpoint Security 10

  • Kaspersky LEEF

  • Kaspersky Security Center (KSC)

Kemp Technologies

KEMP LM-2400 LoadMaster Version 7.1-32-84.20151217-1347

Kiteworks

Accellion Kiteworks v6.0.0

LEEFNormalizer

LEEFNormalizer for any valid LEEF logs

Lenovo

Lenovo Storage V3700 V2/V5030 Series

LogBinder

  • MSExchange

  • SharePoint

LogPoint Agent

LogPoint Agent

LogPoint

  • Webserver Common

  • Kernel

  • LogPoint Audit

Malwarebytes

  • CEF logs for Malwarebytes Breach Remediation

  • CEF logs for Malwarebytes Endpoint Security

  • CEF logs for Malwarebytes Timeliner

McAfee EPO

  • McAfee EPO Antivirus

  • McAfee ePolicy Orchestration Server

Meru

  • Meru System Director v5.x, v6.x, v7.x, v8.x

  • Meru WLAN Controller

Microsoft ATA

Microsoft ATA v1.x

Microsoft Defender ATP

Microsoft Defender ATP

  • Microsoft DNS Servers

  • Microsoft DHCP Servers

Microsoft Dynamic NAV

Microsoft Dynamics

Microsoft Exchange

  • Microsoft Exchange Message Tracking 2010, 2013, 2016

  • Microsoft Exchange 2010, 2013, 2016

  • Exchange HTTP Proxy

Microsoft IIS

Microsoft IIS 7.5, IIS 7.0, IIS6.0, IIS 5.0, IIS 4.0, IIS 8.0, IIS 8.5, IIS 10

Microsoft ISA Server

Microsoft ISA Server

Microsoft Outlook Web Access

Microsoft Outlook Web Access

Microsoft TMG

  • Acceleration Server 2006

  • Forefront Threat Management Gateway 2010

  • Microsoft TMG 2010

Mideye

Mideye Server v4.x

Mimecast

Mimecast v3.x

Mobility Guard

MobilityGuard OneGate v16

Mod Security

Mod Security v2.24

MSSQL

MS-SQL Server 2005, 2008, 2012, 2014, 2016

Multi Modem iSMS

The MultiModem iSMS Intelligent SMS server

MysqlIRDS

AWS MssqllRDS

NCSCross

NCS Cross v5, v4

Netapp Filer FAS3240

  • Data ONTAP v7.x, v8.x

  • Netapp Filer FAS 3240

Netgear Firewall

NetGear Firewall (FWG114P)

NginX

NginX v1.x

Nortel Contivity Secure

Nortel Contivity Secure IP Services Gateway

Nutanix

Nutanix NOS v4.1

Office 365

Office 365

Onapsis Security

Onapsis Security v1.9.8

OpenDJ

OpenDJ 2.x

OpenLDAP

OpenLDAP v2.4.42

OpenVPN

OpenVPN v2.x

Oracle

  • Oracle WebLogic Server 12c

  • Oracle Financials

  • Oracle 10g, 11g, 10.xg

  • Oracle Database 10g

  • Oracle on Windows

PaloAlto Network Firewall

  • CEF logs of all versions of PAN-OS

  • CSV logs of PAN-OS 6.1, 7.1, 8.0, 8.1, 9.0, 9.1, 10.0

  • PaloAlto Next-Generation Firewalls

  • PaloAlto Networks Panorama

Passwordstate

Passwordstate v8.4

Pega

Pega PRPC v7.22

Peplink

Peplink 580 Firmware 7.x

Perago

Perago

Ping Identity

PingFederate Server v8.x

PointSharp

PointSharp

PortWise

PortWise Authentication Server v4.x

PostFix

Postfix Mail Server on Unix environments

Protective DNS

Protective DNS

PRTG Network Monitor

PRTG

Qmail

Qmail v1.x

Qualys

QualysGuard Vulnerability Management

Radware DefensePro

Radware DefensePro v3.6

RedSocks

Redsocks v3.7.0 alpha1

Regulatory Compliance

  • GDPR on Windows, Unix, Firewall

  • Special cases for GDPR:

      • The LP_GDPR: File System Activities dashboard and report packages require configuration of Windows and Palo Alto Firewall only.

      • The LP_GDPR: User Privilege Escalation dashboard and report packages require configuration of Windows and Unix only.

  • GPG 13 on entire dependent sources.

  • PCI DSS on entire dependent sources.

  • ISO on entire dependent sources.

  • NERC-CIP on entire dependent sources.

  • SANS 6 Categories on entire dependent sources.

  • NIST on entire dependent sources.

  • GLBA on entire dependent sources.

  • HIPAA on entire dependent sources.

  • SOX on entire dependent sources.

Rhebo

Rhebo

RSA SecurID

  • RSA Authentication Manager 7.x and 8.x

  • RSA SecurID Appliance 130

  • RSA SecurID Appliance 250

Rubrik

Rubrik

Ruckus Networks

  • Ruckus Wireless Access Points

  • Ucopia v5.0

Safenet

  • SafeNet KeySecure v7.1

  • Safenet 2FA (Two Factor Authentication)

Salesforce

Salesforce

Samba

  • Samba 3.x, 4.x

  • Samba Server

SAP Business Intelligence

Business Objects

SAP

  • SAP Financial Planning

  • SAP HR

  • SAP PLM

  • SAP SRM

  • SAP CRM

  • SAP ABAP and HANA Platforms

Sendmail

  • Sendmail v8.x

  • Sendmail SMTP

SentinelOne

All versions of SentinelOne with CEF log format

Shavlik Protect

Shavlik Protect V9.2

Shibboleth

Shibboleth v2.x, v3.x

Sidewinder Firewall

Forcepoint Sidewinder 8.x

Sitecore

Sitecore 8.x

Smoothwall Webproxy

Smoothwall Webproxy

SMS Passcode

SMS Passcode v6.x, v7.x, v8.x

SnapGear Firewall

SnapGear (McAfee) Firewall

Snapt Haproxy

Snapt Haproxy

Snort

  • Snort v2.x

  • Snort IDS

Sophos

  • Sophos Unified Threat Management v8

  • Sophos UTM WAF XG310

  • Sophos Endpoint Antivirus version 5.2.1 R2

  • Sophos XG Firewall v15.x

Squid

  • Squid v1.x, v2.5

  • Squid Cache v2.6 and above

  • SQUID Proxy

Stix Taxii

Logs with Cyber Threat Intelligence (CTI) written in STIX format

Stonesoft

  • StoneSoft Audit, Alert, FW, IPS, L2FW, SSLVPN log

  • StoneGate Management Center v5.x.x

  • StoneGate Firewall v5.x.x

Stormshield

  • Stormshield Network Security

  • Stormshield Manager

Suricata IDS

Suricata IDS

SuSE Linux Enterprise

SuSE Linux Enterprise Server

Sybase Adaptive Server Enterprise 15.x

Symantec Security

  • Mail Security for Microsoft Exchange

  • Symantec MessageLabs

  • Symantec Messaging Gateway

  • Symantec Endpoint Protection Version 12.1 RU6

  • Symantec AntiVirus Corporate Edition

  • Symantec VIP

Teamcenter

Teamcenter by Siemens Version v10.1.2.1

Threat Intelligence

  • Emerging Threats

  • Critical Stack

  • CSIS

TinyProxy

TinyProxy

Trapeze WLAN Controller

Trapeze WLAN Controller

Trend Micro

  • Trend Micro Control Manager v3.x, v5.x, v6.x

  • Trend Micro Office Scan v10.x, 11.x

  • Trend Micro DB

  • Trend Micro Deep Discovery Inspector v2.x, v3.x

  • Trend Micro IMSVA SMTP Relay v9

  • Trend Micro IWSVA v6.5

  • Trend Micro Deep Security Agent v6.x and above

Trustwave SEG

  • Trustwave SEG

  • Trustwave SEG, previously known as MailMarshal SEG or MailMarshal SMTP

UEBA Analytics

UEBA Analytics

Unix

  • Unix Syscall

  • Unix Ftpd

  • Unix Zookeeper

  • Unix Vasd

  • Unix Iptables

  • Unix Logger

  • Unix Ftp

  • Unix Xntpd

  • Unix Redis Server

  • Unix Chkpwd

  • Unix IPsec

  • Unix Kubelet

  • Unix Generic

  • Unix adcli

  • Unix Dockerd

  • Unix Chef Client

  • Unix SNMP Traps

  • Unix Auditd

  • Unix Crond

  • Unix Pure Ftpd

  • Unix Inetd

  • Unix SNMP

  • Unix Dhclient

  • Unix Cron

  • Unix Infinity

  • Unix Vparmodify

  • Unix VS Ftpd

  • Unix Rsandbox

  • Unix Runuser

  • Unix Devd

  • Unix Proftpd

  • Solaris OS

  • Unix SSL Proxy

  • Unix SCC

  • Unix Audispd

  • UNIX NFS

  • Unix nslcd

  • Unix Httpd

  • Unix Mountd

  • Unix dnsmasq

  • Unix Run-parts

  • Unix Kafka

  • Unix Ipmserver

  • Unix check nrpe

  • Unix Anacron

  • Unix php

  • Unix Xpand

  • Unix Routed

  • Unix Bash

  • UNIX Nscd

  • Unix Lvm

  • Unix Pengine

  • Unix Stonith NG

  • Unix Goferd

  • Unix Nagios

  • Unix IPMIEVD

  • Unix SAP

  • Unix Vmunix

  • Unix Savd

  • Unix Winbindd

  • Unix Syslog NG

  • Unix SU

  • Unix l4d

  • Unix Rsyslogd

  • Unix Rhnsd

  • Unix puppet-agent

  • Unix Suhosin

  • Unix Sudo

  • Unix ptymonitor

  • Unix Sfd

  • Unix Smbd

  • Unix passwd

  • Unix sssd

  • Unix Lrmd

  • Unix InotifyWait

  • Unix UCARP

  • Red Hat Linux

  • Unix rear

  • Unix NTPD

  • Unix RpcMountd

  • Unix Lighttpd

  • Unix Cimserver

  • Unix Cmclconfd

  • Unix Lvmpud

  • Unix NS

  • Unix ndo2db

  • Kernel

  • Unix Agetty

  • Unix Sudoscriptd

  • Docker

  • Unix Rshd

  • Unix xinetd

  • Unix SSHD

  • Unix Cifs Upcall

  • Unix Auditlog

  • Unix Sftp Server

  • Unix rgmanager

  • Unix PAM Tally

  • Unix subscription-manager

  • Unix Syslogd

  • Common Unix System

  • Unix Systemd

  • Unix Yum

  • Unix Snmpd

  • Unix Named

  • Unix Newrelic Infra

  • Unix Crmd

Vade Retro AntiSpam

Vade Retro AntiSpam

Varonis

Varonis

Vectra AI

Vectra AI

VeriSecFreja

Verisec Freja Version R2.4.0.11860-1367

VeritasSaaS Backup

VeritasSaaS Backup

Vmware ESX/ESXi

  • Vmware ESX/ESXi v4.x, v5.x, and v6.x

  • VMware vCenter v5.5.0, v6.0.0 and v6.5.0

  • VMware Horizon View v6.2.0

  • Vmware ESX/ESXi Vpxd

  • Vmware ESX/ESXi Vpxd Generic

  • Vmware ESX/ESXi Stats

  • Vmware ESX/ESXi LS

  • Vmware ESX/ESXi Vpxd-profiler

  • Vmware ESX/ESXi Access

  • Vmware ESX/ESXi Jointool

  • Vmware ESX/ESXi Vpxd_cfg

  • Vmware ESX/ESXi Kernel

  • Vmware ESX/ESXi Vpxa

  • Vmware ESX/ESXi Hostd

  • Vmware ESX/ESXi Syslog

  • Vmware ESX/ESXi hostd-probe

  • Vmware ESX/ESXi vmkwarning

  • Vmware ESX/ESXi Rhttpproxy

  • Vmware ESX/ESXi CROND

  • Vmware ESX/ESXi SFCBD

  • Vmware ESX/ESXi VOBD

  • Vmware ESX/ESXi CIMSLP

  • Vmware ESX/ESXi Heartbeat

  • Vmware ESX/ESXi TmpWatch

  • Vmware ESX/ESXi sshd

  • Vmware ESX/ESXi smbiosDump

  • Vmware ESX/ESXi vmauthd

  • Vmware ESX/ESXi Fdm

  • Vmware ESX/ESXi smartd

  • Vmware ESX/ESXi vmkernel

  • Vmware ESX/ESXi root

  • Vmware ESX/ESXi localcli

  • Vmware ESX/ESXi lwsmd

VPCFlowLog

AWS VPCFlowLog

vShield Edge LoadBalancer

vShield Edge LoadBalancer

Wallix

  • Wallix v10.x

  • Wallix AdminBastion v4.2.3 build 24048 (wab-4.2.3.0-wallix1)

  • Wallix Proxy WPA R50 4.2.1

WatchGuard Firewall

  • Watchguard Firewall v11.x

  • Watchguard NGFW

  • Watchguard UTM

Websense

  • Forcepoint Websense v8.x

  • Forcepoint (Websense) V10000 G3 – Software v8.2

Windows

  • Windows Server 2008, 2008 R2, 2012, 2012 R2, 2016, 2019

  • Windows Vista, 7, 8, 8.1, 10

  • Windows DNS Server

  • Windows DHCP Server

  • Windows Server HyperV

  • Windows Server R2 HyperV

Zertificon

Zertificon Z1

Zscaler

Zscaler NSS with the provided feed format.
