Sumo Logic

Products with Log Mappings

See the products and services that CSE supports with log mappings and parsers.

This topic lists products and services, organized by vendor, for which CSE provides built-in log mapping and parsing support. 

Adaxes

  • Adaxes

Akamai

  • Web Application Firewall

Alibaba

  • ActionTrail

AlphaSOC

  • Network Flight Recorder

Amazon AWS

  • API Gateway
  • AWS S3 Server Access Logs
  • Application Load Balancer
  • CloudFront
  • CloudTrail
  • CloudWatch
  • Config
  • Elastic Load Balancer
  • GuardDuty
  • Inspector
  • Network Firewall
  • Route53
  • Security Hub
  • Trusted Advisor
  • VpcFlowLogs
  • Web Application Firewall (WAF)

Aqua

  • Aqua

Atlassian

  • Jira

Auth0

  • Auth0

Bandura

  • Threat Intelligence Gateway

Barracuda

  • Web Application Firewall

BlackBerry

  • Workspace

BlueCat

  • DHCP
  • DNS

Box

  • Box

Bro

  • Bro

Carbon Black

  • Defense
  • Protect
  • Response

CheckPoint

  • Firewall and VPN
  • IPS

Cisco Systems

  • ASA
  • Advanced Malware Protection (AMP)
  • AnyConnect
  • Firepower
  • Identity Services Engine
  • Ironport
  • Meraki
  • Router and Switch IOS
  • Secure Access Control Server (ACS)
  • Stealthwatch
  • Umbrella

Citrix

  • ADC
  • Hypervisor

Cloudflare

  • Logpush

Code42

  • Code42

CrowdStrike

  • FDR
  • Falcon

Cyber-Ark

  • Enterprise Password Vault

Cylance

  • Protect

Darktrace

  • Darktrace

Datto

  • SIRIS 3 Professional
  • SIRIS 4 Enterprise

Dell

  • Firewall

Demisto

  • Demisto Enterprise

Digital Guardian

  • EDR

Docker

  • Docker

Duo Security

  • Multi-Factor Authentication (MFA)

ESET

  • ESET

Endgame

  • Endgame
  • Detection

Exabeam

  • Security Management Platform (SMP)

Extrahop

  • Reveal(x)

F5

  • F5

Falco

  • Falco

FireEye

  • Central Management System
  • Endpoint Security

Forcepoint

  • Web Security

Fortinet

  • Fortigate

Gigamon

  • ThreatInsight

Github

  • Github

Google

  • G Suite
  • Google Cloud Platform
  • Security Command Center

HP

  • Aruba ClearPass
  • Aruba Mobility Master
  • Aruba Networking
  • vSentry

Huawei

  • Huawei

IBM

  • Guardium
  • WebSEAL Reverse Proxy
  • WebSphere DataPower SOA Appliances

ISC

  • Bind

Illumio

  • Adaptive Security Platform

Imperva

  • Imperva Incapsula
  • SecureSphere

Infoblox

  • DDI
  • Network Identity Operating System

Intersect Alliance

  • Snare Enterprise Agent for Windows

Juniper

  • SRX Series Firewall

KasperskyLab

  • SecurityCenter

Kubernetes

  • Kubernetes

Lacework

  • Lacework

Laravel

  • Laravel

Linux

  • Auditd
  • Linux OS Syslog
  • Messages
  • Vault

Malwarebytes

  • Malwarebytes Endpoint Protection

ManageEngine

  • adauditplus

McAfee

  • Avecto Defendpoint
  • BeyondTrust Privilege Management
  • Data Loss Prevention
  • Drive Encryption
  • Endpoint Security
  • Endpoint Upgrade Assistant
  • McAfee Agent
  • McAfee Host Intrusion Prevention
  • McAfee Management of Native Encryption
  • Mvision-Cloud Access Security Broker
  • Network Security
  • Solidifier
  • System Prep Tool
  • VirusScan Enterprise
  • VirusScan Enterprise for Storage
  • Web Gateway
  • ePolicy Orchestrator

Micro Focus

  • Console
  • SOA
  • Voltage SecureData Enterprise

Microsoft

  • Advanced Threat Analytics
  • Azure
  • Cloud App Security
  • Graph Identity Protection API
  • Graph Security API
  • Office 365
  • Windows
  • Windows Firewall Management

Mimecast

  • Mimecast

NMS

  • NMS

Netskope

  • Security Cloud

OAuth

  • OAuth

OISF

  • Suricata IDS

ObserveIT

  • ObserveIT

Okta

  • Single Sign-On

OneLogin

  • OneLogin Single Sign-On

OpenSSH

  • sshd

Ossec

  • Ossec Server

Palo Alto Networks

  • Cortex XDR
  • GlobalProtect
  • Next Generation Firewall
  • Traps

PassiveDns

  • PassiveDns

PingIdentity

  • PingFederate

PreemptSecurity

  • PBF

Pritunl

  • Pritunl

Proofpoint

  • Proofpoint on Demand
  • Targeted Attack Protection

Pulse

  • Secure Appliance

Qualys

  • VMScan

RSA

  • SecurID Runtime
  • SecurID SinglePoint

Redlock

  • Redlock

Ruckus

  • ZoneDirector

SSLVPN

  • SSLVPN

Salesforce

  • Salesforce

SecureAuth

  • IdP

SentinelOne

  • SentinelOne

Sequr

  • Access Control

Shibboleth

  • Identity Provider

Signal Sciences

  • Web Application Firewall

Slack

  • Slack

Sophos

  • Central
  • Endpoint
  • UTM 9

Squid

  • Squid Proxy

Sumo Logic

  • Scheduled Searches

Symantec

  • Data Loss Prevention
  • Endpoint Protection
  • Proxy Secure Gateway
  • Web Security Service

Tanium

  • Tanium Core

Tenable

  • Cloud API

Thycotic Software

  • Secret Server

Trend Micro

  • Apex Central
  • Control Manager
  • Deep Security
  • Vision One

Twistlock

  • Twistlock

VMware

  • ESX
  • Horizon

Varonis

  • DatAdvantage

Vectra

  • Cognito

WatchGuard

  • WatchGuard

Workday

  • Workday

Zscaler

  • Firewall
  • Nanolog Streaming Service
  • ZPA Log Streaming Service