Ingestion Sources for Cloud SIEM
This guide lists the sources available for ingesting data into Cloud SIEM. You can configure a variety of sources on Installed Collectors.
In this section, we'll introduce the following concepts:

Auth0 system parser
Configure an HTTP source to ingest Auth0 log messages and send them to CSE’s Auth0 system parser.

AWS Application Load Balancer
Configure collection and ingestion of AWS ALB log messages from an S3 bucket to be parsed by CSE.

AWS CloudTrail
Configure a CloudTrail source on a hosted collector to ingest CloudTrail log messages to be parsed by CSE.

AWS GuardDuty
Configure an HTTP source to ingest AWS GuardDuty log messages and send them to CSE's system parser.

AWS Network Firewall
Configure collection and ingestion of AWS Network Firewall log messages from an S3 bucket to be parsed by CSE.

AWS VPC Flow
Configure collection and ingestion of VPC Flow logs from an S3 bucket to be parsed by CSE.

Carbon Black Cloud
Configure collection of Carbon Black Cloud logs messages from an S3 bucket to be parsed by CSE.

Check Point Firewall
Configure a syslog source to ingest Check Point Firewall log messages to be parsed by CSE.

Cisco ASA
Configure a syslog source to ingest Cisco ASA log messages to be parsed by CSE.

Cisco Meraki
Configure a syslog source to ingest Cisco Meraki log messages to be parsed by CSE Cisco.

Corelight Zeek
Configure a syslog source to ingest Corelight Zeek log messages and send them to CSE's log mapper.

Fortigate Firewall
Configure a syslog source to ingest Fortigate Firewall log messages to be parsed by CSE.
G Suite Alert Center
Collect log messages from G Suite Alert Center to be parsed by CSE.

Kemp LoadMaster
Configure a syslog source to ingest Kemp LoadMaster messages to be parsed by CSE.

Linux OS Syslog
Configure a syslog source to ingest Linux OS log messages to be parsed by CSE.

Microsoft 365 Audit (Office 365 Audit)
Configure collection of Microsoft 365 log messages to be parsed by CSE.

Microsoft Azure Activity Log
Configure an HTTP Source to ingest Microsoft Azure Activity Log messages and to be parsed by CSE.

Microsoft Windows
Configure collection of Windows Event Log messages and send them to the CSE mapper.

Nginx Access Logs
Configure a syslog source to ingest Nginx Access log messages to be parsed by CSE.

Okta
Configure an Okta source to ingest Okta log messages and send them to CSE’s system parser.

OneLogin
Learn how to collect OneLogin log messages and send them to Sumo Logic to be ingested by CSE.
Osquery
Configure an HTTP source to ingest osquery log messages and send them to the CSE system parser.

Palo Alto Firewall
Configure collection of Palo Alto Firewall log messages to be parsed by CSE's system parser.

SentinelOne
Learn how to collect SentinelOne log messages and send them to be ingested by CSE.

Signal Sciences WAF
Lean how to collect Signal Sciences WAF log messages and sending them to Sumo Logic to be ingested by CSE.
Symantec Blue Coat Proxy
Configure a Syslog source to collect and send Symantec Proxy Secure Gateway (ProxySG) log messages to CSE.
Symantec Proxy Secure Gateway
Configure a syslog source to ingest Symantec Proxy Secure Gateway log messages to be parsed by CSE.

ZScaler NSS
Configure collection of ZScaler NSS log messages to be parsed by CSE's system parser for ZScaler NSS.

Zscaler Private Access
Configure an HTTP source to ingest Zscaler Private Access log messages and send them to CSE's system parser.