Ingestion Sources for Cloud SIEM
This guide lists the sources available for ingesting data into Cloud SIEM. You can configure a variety of sources on Installed Collectors.
In this section, we'll introduce the following concepts:
Auth0 system parser
Configure an HTTP source to ingest Auth0 log messages and send them to Cloud SIEM’s Auth0 system parser.
AWS Application Load Balancer
Configure collection and ingestion of AWS ALB log messages from an S3 bucket to be parsed by Cloud SIEM.
AWS CloudTrail
Configure a CloudTrail source on a hosted collector to ingest CloudTrail log messages to be parsed by Cloud SIEM.
AWS GuardDuty
Configure an HTTP source to ingest AWS GuardDuty log messages and send them to Cloud SIEM's system parser.
AWS Network Firewall
Configure collection and ingestion of AWS Network Firewall log messages from an S3 bucket to be parsed by Cloud SIEM.
AWS VPC Flow
Configure collection and ingestion of VPC Flow logs from an S3 bucket to be parsed by Cloud SIEM.
Carbon Black Cloud
Configure collection of Carbon Black Cloud logs messages from an S3 bucket to be parsed by Cloud SIEM.
Check Point Firewall
Configure a syslog source to ingest Check Point Firewall log messages to be parsed by Cloud SIEM.
Cisco ASA
Configure a syslog source to ingest Cisco ASA log messages to be parsed by Cloud SIEM.
Cisco Meraki
Configure a syslog source to ingest Cisco Meraki log messages to be parsed by Cloud SIEM Cisco.
Corelight Zeek
Configure a syslog source to ingest Corelight Zeek log messages and send them to Cloud SIEM's log mapper.
Fortigate Firewall
Configure a syslog source to ingest Fortigate Firewall log messages to be parsed by Cloud SIEM.
G Suite Alert Center
Collect log messages from G Suite Alert Center to be parsed by Cloud SIEM.
Kemp LoadMaster
Configure a syslog source to ingest Kemp LoadMaster messages to be parsed by Cloud SIEM.
Linux OS Syslog
Configure a syslog source to ingest Linux OS log messages to be parsed by Cloud SIEM.
Microsoft 365 Audit (Office 365 Audit)
Configure collection of Microsoft 365 log messages to be parsed by Cloud SIEM.Â
Microsoft Azure Activity Log
Configure an HTTP Source to ingest Microsoft Azure Activity Log messages and to be parsed by Cloud SIEM.
Microsoft Windows
Configure collection of Windows Event Log messages and send them to the Cloud SIEM mapper.
Nginx Access Logs
Configure a syslog source to ingest Nginx Access log messages to be parsed by Cloud SIEM.
Okta
Configure an Okta source to ingest Okta log messages and send them to Cloud SIEM’s system parser.
OneLogin
Learn how to collect OneLogin log messages and send them to Sumo Logic to be ingested by Cloud SIEM.
Osquery
Configure an HTTP source to ingest osquery log messages and send them to the Cloud SIEM system parser.
Palo Alto Firewall
Configure collection of Palo Alto Firewall log messages to be parsed by Cloud SIEM's system parser.
SentinelOne
Learn how to collect SentinelOne log messages and send them to be ingested by Cloud SIEM.
Signal Sciences WAF
Lean how to collect Signal Sciences WAF log messages and sending them to Sumo Logic to be ingested by Cloud SIEM.
Symantec Blue Coat Proxy
Configure a Syslog source to collect and send Symantec Proxy Secure Gateway (ProxySG) log messages to Cloud SIEM.
Symantec Proxy Secure Gateway
Configure a syslog source to ingest Symantec Proxy Secure Gateway log messages to be parsed by Cloud SIEM.
ZScaler NSS
Configure collection of ZScaler NSS log messages to be parsed by Cloud SIEM's system parser for ZScaler NSS.
Zscaler Private Access
Configure an HTTP source to ingest Zscaler Private Access log messages and send them to Cloud SIEM's system parser.