Skip to main content

Ingestion Sources for Cloud SIEM

This guide lists the sources available for ingesting data into Cloud SIEM. You can configure a variety of sources on Installed Collectors.

In this section, we'll introduce the following concepts:

Thumbnail icon

Auth0 system parser

Configure an HTTP source to ingest Auth0 log messages and send them to CSE’s Auth0 system parser.

Thumbnail icon

AWS Application Load Balancer

Configure collection and ingestion of AWS ALB log messages from an S3 bucket to be parsed by CSE.

Thumbnail icon

AWS CloudTrail

Configure a CloudTrail source on a hosted collector to ingest CloudTrail log messages to be parsed by CSE.

Thumbnail icon

AWS GuardDuty

Configure an HTTP source to ingest AWS GuardDuty log messages and send them to CSE's system parser.

icon

AWS Network Firewall

Configure collection and ingestion of AWS Network Firewall log messages from an S3 bucket to be parsed by CSE.

icon

AWS VPC Flow

Configure collection and ingestion of VPC Flow logs from an S3 bucket to be parsed by CSE.

icon

Carbon Black Cloud

Configure collection of Carbon Black Cloud logs messages from an S3 bucket to be parsed by CSE.

icon

Check Point Firewall

Configure a syslog source to ingest Check Point Firewall log messages to be parsed by CSE.

icon

Cisco ASA

Configure a syslog source to ingest Cisco ASA log messages to be parsed by CSE.

icon

Cisco Meraki

Configure a syslog source to ingest Cisco Meraki log messages to be parsed by CSE Cisco.

icon

Corelight Zeek

Configure a syslog source to ingest Corelight Zeek log messages and send them to CSE's log mapper.

icon

Fortigate Firewall

Configure a syslog source to ingest Fortigate Firewall log messages to be parsed by CSE.

icon

G Suite Alert Center

Collect log messages from G Suite Alert Center to be parsed by CSE.

icon

Kemp LoadMaster

Configure a syslog source to ingest Kemp LoadMaster messages to be parsed by CSE.

icon

Linux OS Syslog

Configure a syslog source to ingest Linux OS log messages to be parsed by CSE.

icon

Microsoft 365 Audit (Office 365 Audit)

Configure collection of Microsoft 365 log messages to be parsed by CSE. 

icon

Microsoft Azure Activity Log

Configure an HTTP Source to ingest Microsoft Azure Activity Log messages and to be parsed by CSE.

icon

Microsoft Windows

Configure collection of Windows Event Log messages and send them to the CSE mapper.

icon

Nginx Access Logs

Configure a syslog source to ingest Nginx Access log messages to be parsed by CSE.

icon

Okta

Configure an Okta source to ingest Okta log messages and send them to CSE’s system parser.

icon

OneLogin

Learn how to collect OneLogin log messages and send them to Sumo Logic to be ingested by CSE.

icon

Osquery

Configure an HTTP source to ingest osquery log messages and send them to the CSE system parser.

icon

Palo Alto Firewall

Configure collection of Palo Alto Firewall log messages to be parsed by CSE's system parser.

icon

SentinelOne

Learn how to collect SentinelOne log messages and send them to be ingested by CSE.

icon

Signal Sciences WAF

Lean how to collect Signal Sciences WAF log messages and sending them to Sumo Logic to be ingested by CSE.

icon

Symantec Blue Coat Proxy

Configure a Syslog source to collect and send Symantec Proxy Secure Gateway (ProxySG) log messages to CSE.

icon

Symantec Proxy Secure Gateway

Configure a syslog source to ingest Symantec Proxy Secure Gateway log messages to be parsed by CSE.

icon

ZScaler NSS

Configure collection of ZScaler NSS log messages to be parsed by CSE's system parser for ZScaler NSS.

icon

Zscaler Private Access

Configure an HTTP source to ingest Zscaler Private Access log messages and send them to CSE's system parser.

Edit this page
Last updated on by John Pipkin (Sumo Logic)
Legal
Privacy Statement
Terms of Use

Copyright © 2023 by Sumo Logic, Inc.