NetWatcher currently supports these syslog formats for ingestion into the SIEM. Let us know what is missing and we can easily add it to the list as long as the format is well documented.
| adtran | courier-bluedot | knockd | samba | windows-correlated |
| apache | courier-correlated | linux-kernel | sendmail | windows-emet |
| apc-emu | courier-geoip | milter | snort-bluedot | windows-geoip |
| arp | courier | mongodb | snort-geoip | windows-malware |
| artillery | cylance | mysql | snort | windows-misc |
| asterisk | deleted | nexpose | solaris | windows-mssql |
| attack | digitalpersona | nfcapd-malware | sonicwall | windows-owa-blacklist |
| barracuda | dovecot | nfcapd | squid | windows-owa-bluedot |
| bash | dynamic | nginx | ssh-tectia-server-aetas | windows-owa-brointel |
| bind | f5-big-ip-bluedot | ntp | ssh-tectia-server-bluedot | windows-owa-correlated |
| bit9 | f5-big-ip-geoip | nxlog | ssh-tectia-server-correlated | windows-owa-geoip |
| blacklist | f5-big-ip | openssh-aetas | ssh-tectia-server-geoip | windows-owa |
| bluedot | fatpipe-aetas | openssh-bluedot | ssh-tectia-server | windows-sysmon |
| bonding | fatpipe-bluedot | openssh-correlated | su | wordpress |
| bro-bluedot | fatpipe-correlated | openssh-geoip | symantec-ems | xinetd |
| bro-ids | fatpipe-geoip | openssh | syslog | yubikey |
| bro-intel | fatpipe | openvpn | tcp | zeus |
| cacti-thold | fipaypin | oracle | telnet | zimbra-geoip |
| carbonblack | fortinet-aetas | ossec-mi | trendmicro | zimbra |
| cisco-acs | fortinet-bluedot | ossec | tripwire | sophos-UTM |
| cisco-aetas | fortinet-correlated | palo-alto-geoip | vmpop3d | |
| cisco-blacklist | fortinet-geoip | palo-alto | vmware-bluedot | |
| cisco-bluedot | fortinet-malware | php | vmware-correlated | |
| cisco-brointel | fortinet | postfix | vmware-geoip | |
| cisco-correlated | ftpd | postgresql | vmware | |
| cisco-cucm | grsec | pptp | vpopmail | |
| cisco-geoip | honeyd | procurve | vsftpd-bluedot | |
| cisco-ios | hordeimp | proftpd-aetas | vsftpd-correlated | |
| cisco-malware | hostapd | proftpd-bluedot | vsftpd-geoip | |
| cisco-meraki | huawei | proftpd-geoip | vsftpd | |
| cisco-pixasa | imapd-bluedot | proftpd | watchguard-geoip | |
| cisco-prime | imapd-correlated | proxy-malware | watchguard | |
| cisco-sdee | imapd-geoip | pure-ftpd | web-attack | |
| cisco-wlc | imapd | racoon | weblabrinth | |
| citrix-blacklist | ipop3d | riverbed-aetas | windows-aetas | |
| citrix-bluedot | juniper-aetas | riverbed-bluedot | windows-applocker | |
| citrix-brointel | juniper-bluedot | riverbed-geoip | windows-auth | |
| citrix-correlated | juniper-geoip | riverbed | windows-blacklist | |
| citrix-geoip | juniper | roundcube | windows-bluedot | |
| citrix | kismet | rsync | windows-brointel |
Comments