NetWatcher currently supports these syslog formats for ingestion into the SIEM. Let us know what is missing and we can easily add it to the list as long as the format is well documented.
adtran | courier-bluedot | knockd | samba | windows-correlated |
apache | courier-correlated | linux-kernel | sendmail | windows-emet |
apc-emu | courier-geoip | milter | snort-bluedot | windows-geoip |
arp | courier | mongodb | snort-geoip | windows-malware |
artillery | cylance | mysql | snort | windows-misc |
asterisk | deleted | nexpose | solaris | windows-mssql |
attack | digitalpersona | nfcapd-malware | sonicwall | windows-owa-blacklist |
barracuda | dovecot | nfcapd | squid | windows-owa-bluedot |
bash | dynamic | nginx | ssh-tectia-server-aetas | windows-owa-brointel |
bind | f5-big-ip-bluedot | ntp | ssh-tectia-server-bluedot | windows-owa-correlated |
bit9 | f5-big-ip-geoip | nxlog | ssh-tectia-server-correlated | windows-owa-geoip |
blacklist | f5-big-ip | openssh-aetas | ssh-tectia-server-geoip | windows-owa |
bluedot | fatpipe-aetas | openssh-bluedot | ssh-tectia-server | windows-sysmon |
bonding | fatpipe-bluedot | openssh-correlated | su | wordpress |
bro-bluedot | fatpipe-correlated | openssh-geoip | symantec-ems | xinetd |
bro-ids | fatpipe-geoip | openssh | syslog | yubikey |
bro-intel | fatpipe | openvpn | tcp | zeus |
cacti-thold | fipaypin | oracle | telnet | zimbra-geoip |
carbonblack | fortinet-aetas | ossec-mi | trendmicro | zimbra |
cisco-acs | fortinet-bluedot | ossec | tripwire | sophos-UTM |
cisco-aetas | fortinet-correlated | palo-alto-geoip | vmpop3d | |
cisco-blacklist | fortinet-geoip | palo-alto | vmware-bluedot | |
cisco-bluedot | fortinet-malware | php | vmware-correlated | |
cisco-brointel | fortinet | postfix | vmware-geoip | |
cisco-correlated | ftpd | postgresql | vmware | |
cisco-cucm | grsec | pptp | vpopmail | |
cisco-geoip | honeyd | procurve | vsftpd-bluedot | |
cisco-ios | hordeimp | proftpd-aetas | vsftpd-correlated | |
cisco-malware | hostapd | proftpd-bluedot | vsftpd-geoip | |
cisco-meraki | huawei | proftpd-geoip | vsftpd | |
cisco-pixasa | imapd-bluedot | proftpd | watchguard-geoip | |
cisco-prime | imapd-correlated | proxy-malware | watchguard | |
cisco-sdee | imapd-geoip | pure-ftpd | web-attack | |
cisco-wlc | imapd | racoon | weblabrinth | |
citrix-blacklist | ipop3d | riverbed-aetas | windows-aetas | |
citrix-bluedot | juniper-aetas | riverbed-bluedot | windows-applocker | |
citrix-brointel | juniper-bluedot | riverbed-geoip | windows-auth | |
citrix-correlated | juniper-geoip | riverbed | windows-blacklist | |
citrix-geoip | juniper | roundcube | windows-bluedot | |
citrix | kismet | rsync | windows-brointel |