Exabeam Data Sources

This table lists the out-of-the-box supported Data Sources. This list is auto-generated by Vendor/Product fields.

Vendor Product

1password 1password
Abnormal Security Abnormal Security
Absolute Absolute DDS
Accellion Kiteworks
AccessIT AccessIT Universal.NET
Adaxes Adaxes
Admin By Request Admin By Request
Airlock Airlock Allowlisting
Airlock Security Access Hub
Akamai Akamai Guardicore
Akamai SIEM
Cloud Akamai
Alert Logic Alert Logic Managed Detection and Response
AlgoSec AlgoSec Firewall Analyzer
AMAG Symmetry Access Control
Amazon Amazon EKS
Amazon Inspector
Amazon RDS
Amazon Route 53
AWS Bastion
AWS CloudTrail
AWS CloudWatch
AWS Elastic Load Balancer
AWS GuardDuty
AWS Redshift
AWS SSM
AWS WAF
VPC Flow Logs
AMD Pensando
Anywhere365 Anywhere365
Apache Apache
Apache Guacamole
Apache Subversion
Apache Tomcat
APC APC
Apple macOS
AppSense AppSense Application Manager
Arbor Arbor Cloud
Arista Networks Awake Security
Armis Armis Platform
Armorblox Armorblox
AssetView AssetView
ASUPIM ASUPIM
Atlassian Atlassian
Atlassian BitBucket
Attivo BOTsink
Auth0 Auth0
Avaya Avaya Ethernet Routing Switch
Avaya VPN
AVI Networks AVI Networks Software Load Balancer
Aviglion Aviglion ACM
Axway Axway Gateway
Badge Badge
Badgepoint Badgepoint
Banyan Security Banyan Security
Barracuda Barracuda Cloudgen Firewall
Barracuda Email Security Gateway
Barracuda WAF
BeyondTrust BeyondInsight
BeyondTrust
BeyondTrust Privileged Identity
BeyondTrust Remote Support
BeyondTrust Secure Remote Access
Bitdefender GravityZone
Bitglass Bitglass CASB
BlackBerry BlackBerry Protect
BlueCat Networks BlueCat Networks
Box Box Cloud Content Management
Brivo Brivo
Broadcom z/OS
Bromium Bromium Secure Platform
Buildkite Buildkite
CA Technologies CA Privileged Access Manager Server Control
CatoNetworks Cato Cloud
CDS CDS
CenturyLink CenturyLink Managed Security Service
CHCOM CHCOM
Check Point Check Point Anti-Malware
Check Point Avanan
Check Point Endpoint Security
Check Point Identity Awareness
Check Point NGFW
Check Point Security Gateway
Check Point Threat Emulation
Check Point vSEC Virtual Edition
SmartDefense
Checkmarx Checkmarx
Cisco Airespace Wireless LAN Controller
AnyConnect
Cisco
Cisco ACI
Cisco ACS
Cisco Adaptive Security Appliance
Cisco ADC
Cisco Cloud Web Security
Cisco CloudLock
Cisco Cognitive Threat Analytics
Cisco DHCP
Cisco Firepower
Cisco Gateway
Cisco IOS
Cisco ISE
Cisco Meraki MX appliance
Cisco Netflow
Cisco PIX
Cisco Secure Cloud Analytics
Cisco Secure Email
Cisco Secure Endpoint
Cisco Secure Network Analytics
Cisco Secure Web Appliance
Cisco SourceFire
Cisco UCS
Cisco Umbrella
Cisco Unified Communications Manager
Cisco WLC
Duo Access
IronPort Email
IronPort Web Security
Citrix Citrix Endpoint Management
Citrix Gateway
Citrix Gateway Connector For Exchange ActiveSync
Citrix ShareFile
Citrix Virtual Apps
Citrix Virtual Desktop
Citrix Web App Firewall
Claroty Claroty
CTD
Clearsense Clearsense
Clearswift Clearswift Secure Email Gateway
Click Studios Passwordstate
Cloudflare Cloudflare CDN
Cloudflare Insights
Cloudflare WAF
Code42 Code42 Incydr
Cofense Cofense Phishme
Cognitas CrossLink Cognitas CrossLink
Cohesity Cohesity DataPlatform
Contrast Security Contrast Agent
CrowdStrike Falcon
Identity Threat Detection & Response
CyberArk CyberArk Endpoint Privilege Manager
CyberArk Privilege Access Manager
Cybereason Cybereason
Cylance Cylance OPTICS
Cylance PROTECT
Cynet Cynet EDR
Damballa Damballa Failsafe
Darktrace Darktrace
DataWatch Systems DataWatch
Delinea Centrify Audit and Monitoring Service
Centrify Authentication Service
Centrify Infrastructure Services
Centrify Zero Trust Privilege Services
Thycotic Software Secret Server
Dell EMC Isilon
One Identity Manager
Sonicwall
Digital Arts Digital Arts i-FILTER for Business
Digital Guardian Digital Guardian Endpoint Protection
Digital Guardian Network DLP
Dropbox Dropbox
Dtex Systems DTEX InTERCEPT
DXC DXC Technology
EdgeWave EdgeWave iPrism
Egnyte Egnyte
EMP EMP
Endgame Endgame EDR
Entrust Entrust Identity Enterprise
Envoy Envoy
Epic Epic SIEM
ESector ESector DEFESA Logger
ESET ESET Endpoint Security
Exabeam Advanced Analytics
Audit Log
Correlation Rule
NG Analytics
Search
Extrahop Extrahop Reveal(x)
Extreme Networks EXOS
ExtremeCloud IQ
Zebra WLAN Management
F-Secure F-Secure Client Security
F-Secure Policy Manager
F5 BIG-IP F5 LBR
F5 Access Policy Manager
F5 Advanced Firewall Manager
F5 Advanced Web Application Firewall
F5 Application Security Manager
F5 BIG-IP
F5 BIG-IP DNS
F5 IP Intelligence
F5 Local Traffic Manager
F5 Silverline
F5 WebSafe
Fast Enterprises Fast Enterprises GenTax
Fastly Next-Gen Web Application Firewall
Fidelis Fidelis Network
Fidelis XPS
FileAuditor FileAuditor
FireEye FireEye CMS
FireEye Email MPS
FireEye Endpoint Security (HX)
FireEye ETP
FireEye Helix
FireEye Network Security (NX)
FireEye Web MPS
FireMon FireMon
Forcepoint Forcepoint CASB
Forcepoint DLP
Forcepoint Email Security
Forcepoint Email Security Gateway
Forcepoint Insider Threat
Forcepoint Next-Gen Firewall
Websense Security Gateway
Forescout EyeInspect
Forescout CounterACT
Fortinet EnSilo
FortiAuthenticator
FortiGate
Fortinet Enterprise Firewall
Fortinet UTM
Fortinet VPN
FortiSIEM
Fortiweb Web Application Firewall
FreeBSD FreeBSD
FTP FTP
Galaxy Galaxy
Gallagher Gallagher Access Control
Gamma Gamma
Generic Badge Access Generic Badge Access
Genetec Genetec Badge
Gigamon GigaVUE-HC2
GitHub GitHub
GoAnywhere GoAnywhere MFT
Google GCP CloudAudit
Google Cloud Platform
Google Plus
Google Workspace
GTB GTB Technologies DLP
Halcyon Halcyon
HashiCorp HashiCorp Vault
Terraform
HelpSystems Powertech Identity and Access Manager
hMail hMailServer
Honeywell Honeywell Pro-Watch
Honeywell siama
Honeywell WIN-PAK
Hornet Hornetsecurity Cloud Email Security Services
HP Aruba ClearPass Policy Manager
Aruba Mobility Master
Aruba Wireless controller
ArubaOS
HP iLO
HP LaserJet Printer
HP Print Server
HP SafeCom
HP Virtual Connect Enterprise Manager
HPE 3PAR StoreServ
HPE Comware
NonStop
Huawei Huawei Enterprise Network Firewall
Huawei Unified Security Gateway
IBM DB2
Guardium
HCL Notes
IBM
IBM Datapower
IBM Mainframe
IBM Mobile Connect
IBM Resource Access Control Facility
IBM Security Trusteer Apex Advanced Malware Protection
IBM Sense
Proventia Network IPS
QRadar SIEM
Sametime
Security Access Manager
Sterling B2B Integrator
iBoss Iboss Cloud
ICDB ICDB
ICPAM ICPAM
Identiv Identiv
Illumio Illumio Core
iManage iManage
Imperva Attack Analytics
CounterBreach
Imperva File Activity Monitoring
Imperva Incapsula
Imperva SecureSphere
Imprivata Imprivata
IMSS IMSS
IMSVA IMSVA
Infoblox BloxOne DDI
Infoblox NIOS
InfoWatch InfoWatch DLP
Inky Inky Anti-Phishing
Ipswitch MoveIt Transfer
IPTables IPTables FW
IronNet IronDefense
Ivanti Ivanti Pulse Secure
JH JH
Johnson Controls Johnson Controls P2000
jSONAR SonarG
Jumpcloud Jumpcloud
Juniper Networks Juniper Advanced Threat Protection
Juniper SRX Series
Junos OS
KABA EXOS KABA EXOS
Kasada Kasada
Kaspersky Kaspersky AV
Kaspersky Endpoint Security for Business
Kaspersky Secure Mail Gateway
Kemp Kemp LoadMaster
Lacework Lacework
LanScope LanScope Cat
LastPass LastPass
LEAP LEAP
Lenel OnGuard
Lexmark Lexmark
LiquidFiles LiquidFiles
LOGBinder LOGBinder for SharePoint
LOGBinder for SQL Server
LogMeIn RemotelyAnywhere
LogRhythm LogRhythm
Lookout Lookout
Lumension Lumension
Lyrix Lyrix
Magento Magento WAF
Malwarebytes Malwarebytes Endpoint Detection and Response
Malwarebytes Endpoint Protection
Malwarebytes Incident Response
ManageEngine ADAuditPlus
ADManager Plus
ADSSP
PAM360
MariaDB MariaDB
MasterSAM MasterSAM PAM
McAfee Advanced Threat Defense
McAfee Application Control
McAfee DAM
McAfee DLP Endpoint
McAfee DLP Prevent
McAfee Email Protection
McAfee Endpoint Security
McAfee Enterprise Security Manager
McAfee ePolicy Orchestrator
McAfee Network Security Platform
McAfee SiteAdvisor
McAfee Web Gateway
Skyhigh Networks CASB
Menlo Security Menlo Security
MicroFocus ArcSight MicroFocus ArcSight
Microsoft Active Directory Federation Services
Azure
Azure AD Activity Logs
Azure AD Identity Protection
Azure AD Sign-In Logs
Azure ATP
Azure Container Registry
Azure DevOps
Azure Event Hub
Azure Firewall
Azure Key Vault
Azure Kubernetes Service
Azure MFA
Azure Monitor
Azure Monitor - VM Insights
Event Viewer - ADFS
Event Viewer - Application
Event Viewer - Applocker
Event Viewer - AzureADPasswordProtection-DCAgent
Event Viewer - BFE Resorce Flows
Event Viewer - BITS-Client
Event Viewer - CAPI2
Event Viewer - CertificateServicesClient
Event Viewer - DFS-Replication
Event Viewer - DHCP-Server
Event Viewer - Directory-Service
Event Viewer - DNSClient
Event Viewer - DNSServer
Event Viewer - FileShareShadowCopyProvider
Event Viewer - Kernel-IO
Event Viewer - Kernel-PnP
Event Viewer - KnownFolders
Event Viewer - Licensing-Platform
Event Viewer - LiveId
Event Viewer - NetworkProfile
Event Viewer - NPS
Event Viewer - NTLM
Event Viewer - OpenSSH
Event Viewer - PowerShell
Event Viewer - PrintService
Event Viewer - RemoteDesktopServices
Event Viewer - Security
Event Viewer - Setup
Event Viewer - System
Event Viewer - TaskScheduler
Event Viewer - TerminalServices-Gateway
Event Viewer - TerminalServices-LocalSessionManager
Event Viewer - TerminalServices-RemoteConnectionManager
Event Viewer - Windows Firewall
Event Viewer - WinNat
Event Viewer - WinRM
M365 Audit Logs
Microsoft 365
Microsoft Advanced Threat Analytics
Microsoft CAS
Microsoft code integrity
Microsoft Defender for Cloud
Microsoft Defender for Endpoint
Microsoft Defender for Office 365
Microsoft DHCP Log
Microsoft DNS Log
Microsoft Exchange
Microsoft IIS
Microsoft Intune
Microsoft Network Policy Server
Microsoft RRAS
Microsoft Sentinel
Microsoft Web Application Proxy
Microsoft WMI Log
MSSQL
Network Security Group Flow Logs
Sysmon
Web Application Proxy-TLS Gateway
Windows
Windows Defender Application Control
Windows Device registration service
Mimecast Mimecast Secure Email Gateway
Mimecast Targeted Threat Protection - URL
MobileIron MobileIron
MongoDB MongoDB
Morphisec Morphisec
MSDHCP MSDHCP
MuleSoft MuleSoft Anypoint Platform
Mvision Mvision
Mysql Mysql
N3K N3K
Nagios Nagios
Namespace rDirectory Namespace rDirectory
Nasuni Nasuni
NCP NCP
NetApp NetApp
NetApp Ontap
NetDocs NetDocs
NetIQ Micro Focus NetIQ Identity Manager
NetMotion Wireless NetMotion Wireless
Netskope Netskope CASB
Netskope IoT Security
Netskope Security Cloud
Netskope Webtx
Netwrix Netwrix Auditor
Netwrix Threat Prevention
NextDLP Reveal
Nexthink Nexthink Infinity
Nightfall Nightfall AI
NNT NNT ChangeTracker
Nokia VitalQIP Nokia VitalQIP
Nortel Contivity Nortel Contivity VPN
Novell eDirectory
Nozomi Networks Nozomi Networks Guardian
Nutanix Nutanix Unified Storage
Okta Okta Adaptive MFA
Onapsis Onapsis
OneLogin OneLogin
OneSpan Digipass for Apps
OneSpan Sign
OneWelcome OneWelcome Cloud Identity Platform
Open Shift OpenShift
Open VPN Open VPN
OpenDJ OpenDJ
OpenLDAP OpenLDAP
OpenText eDOCS
Oracle Oracle Access Management
Oracle Audit Vault and Database Firewall
Oracle Database
Oracle Public Cloud
Solaris
Ordr Ordr SCE
Osirium Osirium
Osquery Osquery
OSSEC OSSEC
oVirt oVirt
PacketFence PacketFence
Palo Alto Networks Cortex XDR
Cortex XSOAR
GlobalProtect
Palo Alto Aperture
Palo Alto NGFW
Palo Alto WildFire
Panorama
Prisma Access
Prisma Cloud
Traps Endpoint Security Manager
Password Manager Pro Password Manager Pro
Paxton NET2DOOR
Perforce Perforce
pfSense pfSense
Phantom Phantom
Pharos Pharos
Picture Perfect Picture Perfect
Ping Identity Ping Access
Ping Identity
PingFederate
PingOne
Postfix Postfix
PostgreSQL PostgreSQL
PostScript PostScript
PowerDNS PowerDNS Recursor
PowerSentry PowerSentry
Procad Pro.File DMS
Progress Progress Database
Proofpoint ObserveIT
Proofpoint CASB
Proofpoint Email Protection
Proofpoint Enterprise Protection
Targeted Attack Platform
Qualys Qualys AssetView
Quest InTrust Quest InTrust
Quest Software Quest Change Auditor for Active Directory
Quest Change Auditor for SQL Server
Radware Alteon
Radware WAF
RangerAudit RangerAudit
Rapid7 Rapid7 InsightVM
Recorded Future Recorded Future Threat Intelligence
Red Canary Red Canary Managed Detection and Response
RedShield RedShield WAF
Ricoh Ricoh Printer
RightCrowd RightCrowd
Riverbed Steelhead Riverbed Steelhead
RS2 Technologies RS2 Technologies
RSA RSA Adaptive Authentication
RSA Authentication Manager
RSA DLP
RSA ECAT
RSA NetWitness Platform
SecurID
RStudio RStudio Server
Rubrik Rubrik Cloud Data Management
Ruckus Ruckus
RUID RUID
Rundeck Rundeck
Safend Data Protection Suite (DPS)
Safenet Thales
SafeSend SafeSend
Sailpoint IdentityNow
SecurityIQ
Salesforce Salesforce
Sangfor Sangfor NGAF
SAP SAP
SuccessFactors
Saviynt Saviynt
Seclore Seclore
Secomea Secomea
Secure Computing Secure Computing SafeWord
SecureAuth SecureAuth IDP
SecureAuth Login
SecureLink SecureLink
SecureNet SecureNet
SecurEnvoy SecurEnvoy Multi-Factor Authentication
SecureWorks Managed iSensor IPS
SecurityExpert SecurityExpert
Semperis Semperis DSP
Sensormatik Sensormatik
SentinelOne Event Viewer - Sentinelone
Singularity Platform
Vigilance
ServiceNow ServiceNow
SFTP SFTP
Shibboleth Shibboleth
Siemens Siemens Access Control
SIGSCI SIGSCI
Silverfort Silverfort Authentication Platform
SiteMinder Symantec SiteMinder
SiteSpect SiteSpect
Skudonet Skudonet WAF
Skyformation Skyformation
Skyhigh Security Skyhigh Security Cloud
SkySea SkySea ClientView
Slack Slack
Snort Snort
Snowflake Snowflake
Sophos Sophos Endpoint Protection
Sophos SafeGuard
Sophos UTM
Sophos XG Firewall
Specops Specops Password
Splunk Splunk ES
Splunk Stream
Squid Squid
StealthBits StealthBits Stealth Defend
StealthIntercept
SunOne SunOne
Suricata Suricata
Swift Swift
Swipes Swipes
Swivel Swivel
Sybase Sybase
Symantec Blue Coat ProxySG
Symantec Advanced Threat Protection
Symantec CloudSOC
Symantec Content Analysis System
Symantec Critical System Protection
Symantec DLP
Symantec Email Security
Symantec Endpoint Protection
Symantec Fireglass
Symantec Managed Security Services
Symantec VIP
Symantec Web Security Service
Synology NAS Synology NAS
Sysdig Sysdig Monitor
Tanium Tanium Cloud Platform
Tanium Core Platform
Tanium Integrity Monitor
Tanium Threat Response
Tenable Tenable Cloud Security
Tenable Identity Exposure
Tenable Vulnerability Management
Tenable Web App Scanning
Teradata Teradata RDBMS
Tessian Tessian Cloud Email Security
Thales Group Gemalto MFA
ThreatBlockr ThreatBlockr
TimeLox TimeLox
TitanFTP TitanFTP
TrapX TrapX
Trend Micro Apex One
Deep Discovery Inspector
Deep Security
OfficeScan
TippingPoint NGIPS
Trend Micro Cloud App Security
Trend Micro Email Security
Trend Micro InterScan Web Security
Trend Micro ScanMail
Vision One
Tripwire Enterprise Tripwire Enterprise
Tufin Tufin SecureTrack
Tyco CCURE Building Management System
Ubiquiti Unifi Access Point
Unix Auditbeat
BIND DNS
rsyslog
Unix
Unix Auditd
Unix dhcpd
Unix Named
Unix Privilege Management
Unix Sendmail
USB USB
Vanderbilt Vanderbilt
Varonis Varonis Data Security Platform
VBCorp VBCorp
Vectra Vectra Cognito Detect
Vectra Cognito Stream
Veeam Veeam
Venafi TLS Protect
Verizon Verizon NDR
ViaScope ViaScope IPScan
Vicarius Vicarius vRx
Virtru Virtru
Visma Megaflex
VMS Software OpenVMS
VMware Carbon Black App Control
Carbon Black CES
Carbon Black EDR
Lastline
NSX Distributed Firewall
vCenter
VMware AirWatch
VMware ESXi
VMware Horizon
VMware Identity Manager
VMware NSX
VMware VeloCloud SD-WAN
VMware View
Vormetric Vormetric
Watchguard Watchguard
Wazuh Wazuh
Weblogin Weblogin
Wiz Wiz
Workday Workday
Xceedium Xceedium
Xerox Xerox
Xiting XAMS
xPLAN xPLAN
XPS XPS
xsuite xsuite
YSoft YSoft
Zeek Zeek
Zendesk Zendesk
Zimperium Zimperium MTD
Zlock Zlock
Zoom Zoom
Zscaler FW Zscaler Cloud
Zscaler Internet Access
Zscaler Private Access