All Supported Log Source Technologies

ReliaQuest will use reasonable efforts to continue supporting the ReliaQuest Supported Log Source Technologies but shall not be responsible for any changes to any Log Source Technology or SIEM that causes such Log Source Technology to become unsupported.

SIEM	Log Source Technology (Vendor, Product Name)	Log Source Technology (Function)
Azure Sentinel	nix nix	Endpoint Detection, Operating System
Azure Sentinel	Azure Web Application Firewall	Web Application Firewall
Azure Sentinel	Cisco Duo Security	Multi Factor Authentication, Single Sign-on
Azure Sentinel	Cisco Umbrella	Forward Proxy, DNS
Azure Sentinel	CloudFlare WAF	Web Application Firewall
Azure Sentinel	Fidelis XPS	Data Loss Prevention
Azure Sentinel	Microsoft Active Directory	Single Sign-on, Identity and Access Management
Azure Sentinel	Microsoft Azure	Multi Factor Authentication, File Transfer/Storage, Single Sign-on, Flow Data, Virtualization
Azure Sentinel	Microsoft Azure SQL	Database
Azure Sentinel	Microsoft Azure Sentinel	SIEM/Log Aggregation, Security Orchestration Automation and Response
Azure Sentinel	Microsoft DNS	DNS
Azure Sentinel	Microsoft Entra ID	Identity and Access Management
Azure Sentinel	Microsoft Exchange	Email Server
Azure Sentinel	Microsoft IIS	Web Server
Azure Sentinel	Microsoft Office 365	Business Application, File Transfer/Storage, Email Security
Azure Sentinel	Microsoft Windows	Operating System, Endpoint Detection
Azure Sentinel	Okta Identity	Identity and Access Management, Single Sign-on, Multi Factor Authentication
Azure Sentinel	Proofpoint Targeted Attack Protection	Email Security
Azure Sentinel	Snowflake Data Platform	Virtualization
Chronicle	Amazon AWS CloudTrail	Virtualization
Chronicle	Check Point Connectra	Remote Access
Chronicle	Check Point Data Loss Prevention	Data Loss Prevention
Chronicle	Check Point Firewall	Firewall
Chronicle	Check Point SandBlast	Network Intrusion Detection
Chronicle	Check Point Security Management	IT Management, Network Infrastructure
Chronicle	Check Point SmartDefense	Network Intrusion Detection
Chronicle	Check Point URL Filtering	Forward Proxy
Chronicle	Check Point VPN-1	Remote Access
Chronicle	Cisco Duo Security	Multi Factor Authentication, Single Sign-on
Chronicle	Cisco FirePower	Network Intrusion Detection, Firewall
Chronicle	Cisco Meraki	Forward Proxy, Network Infrastructure, Network Intrusion Detection, Wireless Intrusion Detection, DHCP, Network Access Control, Firewall
Chronicle	CrowdStrike Falcon Insight	Endpoint Detection
Chronicle	CrowdStrike Falcon Prevent	Antivirus
Chronicle	Darktrace Detect	User Behavior Analytics, Network Intrusion Detection
Chronicle	Fortinet FortiGate NGFW	Network Intrusion Detection, Data Loss Prevention, Forward Proxy, Firewall, Web Application Firewall, Remote Access, DNS
Chronicle	Generic SaaS Application	Business Application
Chronicle	Google Cloud DNS	DNS
Chronicle	Google Cloud Platform	Virtualization, Data Loss Prevention, Identity and Access Management
Chronicle	Google Cloud Platform Storage	File Transfer/Storage
Chronicle	Kubernetes Kubernetes	Virtualization
Chronicle	Microsoft DNS	DNS
Chronicle	Microsoft Defender for Cloud Apps	Cloud Application Security Broker
Chronicle	Microsoft Defender for Endpoint	Endpoint Detection
Chronicle	Microsoft Defender for Office 365	Email Security
Chronicle	Microsoft Entra ID	Identity and Access Management
Chronicle	Microsoft Office 365	File Transfer/Storage, Business Application, Email Security
Chronicle	Microsoft Purview	Cloud Application Security Broker, Data Loss Prevention
Chronicle	Microsoft SQL Server	Database
Chronicle	Microsoft Windows	Endpoint Detection, Operating System
Chronicle	Okta Identity	Multi Factor Authentication, Identity and Access Management, Single Sign-on
Chronicle	Palo Alto Cortex XDR	Endpoint Detection, Antivirus
Chronicle	Palo Alto Networks IDS/IPS	Network Intrusion Detection
Chronicle	Palo Alto Networks URL Filtering	Forward Proxy
Chronicle	Palo Alto Networks Wildfire	Network Intrusion Detection, Antivirus
Chronicle	Palo Alto Next-Gen Firewall	Firewall
Chronicle	Proofpoint Targeted Attack Protection	Email Security
Chronicle	SentinelOne Endpoint Protection	Endpoint Detection, Antivirus
Chronicle	SonicWALL Firewall	Firewall
Chronicle	WatchGuard Fireware	Forward Proxy, Antivirus, Data Loss Prevention, Firewall, Network Intrusion Detection
Devo	nix nix	Operating System, Endpoint Detection
Devo	Cisco Adaptive Security Appliance	Firewall, Remote Access
Devo	Cisco Duo Security	Single Sign-on, Multi Factor Authentication
Devo	CrowdStrike Falcon Insight	Endpoint Detection
Devo	CrowdStrike Falcon Prevent	Antivirus
Devo	Microsoft Entra ID	Identity and Access Management
Devo	Microsoft Office 365	Email Security, Business Application, File Transfer/Storage
Devo	Microsoft Windows	Operating System, Endpoint Detection
Devo	Okta Identity	Identity and Access Management, Single Sign-on, Multi Factor Authentication
Devo	Symantec Secure Web Gateway	Forward Proxy, Network Intrusion Detection
Qradar	nix nix	Operating System, Endpoint Detection
Qradar	Akamai CDN	Web Server
Qradar	Akamai Kona Site Defender	Web Application Firewall, DDoS Protection
Qradar	Amazon API Gateway	Reverse Proxy
Qradar	Amazon AWS CloudTrail	Virtualization
Qradar	Amazon AWS Security Hub	SIEM/Log Aggregation
Qradar	Amazon AWS VPC Flow Data	Flow Data
Qradar	Amazon Application Load Balancer	Reverse Proxy
Qradar	Amazon CloudFront	Web Server
Qradar	Amazon Elastic Kubernetes Service	Virtualization
Qradar	Amazon GuardDuty	Network Intrusion Detection
Qradar	Amazon Route 53	DNS
Qradar	Amazon Simple Storage Service S3	File Transfer/Storage
Qradar	Amazon WAF	Web Application Firewall
Qradar	Apache Tomcat	Web Server
Qradar	Aqua Security Vulnerability Scanning	Vulnerability Scanner
Qradar	Arbor Networks Peakflow	Network Intrusion Detection
Qradar	Aruba ClearPass	Network Access Control
Qradar	Aruba EdgeConnect	Network Infrastructure
Qradar	Aruba Mobility Controller	Network Infrastructure
Qradar	Barracuda Email Security Gateway	Email Security
Qradar	Barracuda Firewall	Firewall
Qradar	Barracuda WAF	Web Application Firewall
Qradar	Barracuda Web Security Gateway	Forward Proxy
Qradar	BeyondTrust Endpoint Privilege Management	Privileged Access Management, Identity and Access Management
Qradar	BeyondTrust Password Safe	Password Vault
Qradar	BeyondTrust Secure Remote Access	Remote Access
Qradar	Bitdefender Endpoint Detection and Response	Antivirus, Endpoint Detection
Qradar	BlackBerry CylanceENDPOINT	Antivirus, File Integrity Monitoring, Endpoint Detection
Qradar	BlueCat Networks Adonis	DNS, DHCP
Qradar	Box Cloud Storage	File Transfer/Storage
Qradar	Broadcom Switch	Network Infrastructure
Qradar	Cato Networks Next-Gen Firewall	Firewall
Qradar	Cerberus FTP Server	File Transfer/Storage
Qradar	Check Point Connectra	Remote Access
Qradar	Check Point Firewall	Firewall
Qradar	Check Point SmartDefense	Network Intrusion Detection
Qradar	Cimcor CimTrak	File Integrity Monitoring
Qradar	Cisco ACS	Single Sign-on, Identity and Access Management
Qradar	Cisco Adaptive Security Appliance	Remote Access, Firewall
Qradar	Cisco Aironet	Network Infrastructure
Qradar	Cisco AnyConnect	Remote Access
Qradar	Cisco Duo Security	Multi Factor Authentication, Single Sign-on
Qradar	Cisco FirePower	Firewall, Network Intrusion Detection
Qradar	Cisco Identity Services Engine (ISE)	Network Access Control, Identity and Access Management
Qradar	Cisco Meraki	Network Infrastructure, Firewall, Wireless Intrusion Detection, DHCP, Forward Proxy, Network Intrusion Detection, Network Access Control
Qradar	Cisco NX-OS/IOS	Network Infrastructure
Qradar	Cisco Nexus	Network Infrastructure
Qradar	Cisco Secure Email	Email Security
Qradar	Cisco Secure Endpoint	Network Intrusion Detection, Endpoint Detection, Antivirus
Qradar	Cisco Stealthwatch	Network Intrusion Detection
Qradar	Cisco Umbrella	DNS, Forward Proxy
Qradar	Cisco Web Security Appliance	Forward Proxy
Qradar	Cisco Wireless LAN Controllers	Network Infrastructure
Qradar	Cisco Wireless Service Module	Network Infrastructure
Qradar	Citrix Netscaler	Remote Access
Qradar	Citrix Web App Firewall	Web Application Firewall
Qradar	CloudFlare CDN	DDoS Protection, Web Server
Qradar	CloudFlare WAF	Web Application Firewall
Qradar	Cofense Triage	Email Security
Qradar	Cofense Vision	Email Security
Qradar	Corelight Network Security	Database Activity Monitoring, Network Intrusion Detection, DNS, DHCP, Forward Proxy
Qradar	Cradlepoint NetCloud	Network Infrastructure
Qradar	CrowdStrike Falcon Insight	Endpoint Detection
Qradar	CrowdStrike Falcon Intelligence Recon	Deception Technology
Qradar	CrowdStrike Falcon Malquery	Threat Intelligence
Qradar	CrowdStrike Falcon Prevent	Antivirus
Qradar	CrowdStrike Firewall Management	IT Management
Qradar	CyberArk Enterprise Password Vault	Password Vault
Qradar	CyberArk Privileged Threat Analytics	Privileged Access Management
Qradar	Darktrace Detect	Network Intrusion Detection, User Behavior Analytics
Qradar	Delinea Secret Server	Privileged Access Management, Password Vault
Qradar	Digital Guardian Digital Guardian	Endpoint Detection, Data Loss Prevention
Qradar	Entrust IdentityGuard	Multi Factor Authentication
Qradar	Epic EMR	Business Application
Qradar	Exabeam Advanced Analytics	User Behavior Analytics
Qradar	ExtraHop Reveal(X)	Network Intrusion Detection
Qradar	Extreme Networks Switch	Network Infrastructure
Qradar	F5 Networks AFM	DDoS Protection, Firewall
Qradar	F5 Networks APM	Remote Access
Qradar	F5 Networks ASM	Web Application Firewall
Qradar	F5 Networks Firepass	Remote Access
Qradar	F5 Networks LTM	Reverse Proxy
Qradar	FileZilla File Transfer	File Transfer/Storage
Qradar	Flashpoint Intelligence Platform	Threat Intelligence
Qradar	Forcepoint IDS/IPS	Network Intrusion Detection
Qradar	Forcepoint NGFW	Firewall
Qradar	Forcepoint URL Filtering	Forward Proxy
Qradar	Forcepoint V Series	Network Infrastructure
Qradar	Forescout CounterAct	Network Access Control
Qradar	Fortinet FortiGate NGFW	Firewall, Network Intrusion Detection, Remote Access, Forward Proxy, Web Application Firewall, Data Loss Prevention, DNS
Qradar	Foundry Networks FastIron	Network Infrastructure
Qradar	Gemalto SafeNet	Identity and Access Management
Qradar	Generic Business Application	Business Application
Qradar	Generic Router	Network Infrastructure
Qradar	Generic SaaS Application	Business Application
Qradar	Gigamon ThreatINSIGHT	Network Intrusion Detection
Qradar	GitLab Code Repository	Business Application
Qradar	Google Cloud DNS	DNS
Qradar	Google Cloud Platform	Virtualization, Identity and Access Management, Data Loss Prevention
Qradar	Google Workspace	Business Application, Email Server, File Transfer/Storage, Email Security
Qradar	GreatHorn Cloud Email Security Platform	Email Security
Qradar	Guardicore Centra	Network Intrusion Detection
Qradar	HPE File Storage	File Transfer/Storage
Qradar	HashiCorp Vault	Password Vault
Qradar	Hitachi ID Bravura Identity	Identity and Access Management
Qradar	Hitachi ID Bravura Privilege	Privileged Access Management
Qradar	IBM DB2	Database
Qradar	IBM DataPower	Reverse Proxy
Qradar	IBM Guardium	Database Activity Monitoring, Data Loss Prevention
Qradar	IBM Qradar	User Behavior Analytics, SIEM/Log Aggregation
Qradar	IBM RACF	Business Application
Qradar	IBM Tivoli Access Manager	Multi Factor Authentication
Qradar	IBM i-Series	Business Application
Qradar	ISC BIND	DHCP, DNS
Qradar	Illumio Adaptive Security Platform	Network Infrastructure, Firewall
Qradar	Imperva DDoS Protection	DDoS Protection
Qradar	Imperva Data Security	Database Activity Monitoring
Qradar	Imperva Web Application Firewall	Web Application Firewall, Web Server
Qradar	Imprivata Enterprise Platform	Single Sign-on
Qradar	Infoblox DDI	DHCP, DNS
Qradar	Jamf Pro	Mobile Device Management
Qradar	JumpCloud Directory Platform	Single Sign-on, Identity and Access Management, Multi Factor Authentication, Mobile Device Management
Qradar	Juniper JUNOS	Remote Access, Network Infrastructure
Qradar	Juniper SRX	Firewall, Forward Proxy, Network Intrusion Detection
Qradar	Juniper Wireless LAN Controller	Network Infrastructure
Qradar	Kaspersky Endpoint Security	Antivirus
Qradar	Kubernetes Kubernetes	Virtualization
Qradar	Lacework Multicloud Security	Cloud Application Security Broker
Qradar	Medigate CORE	Network Intrusion Detection
Qradar	Micro Focus ArcSight Enterprise Security Manager	SIEM/Log Aggregation, User Behavior Analytics
Qradar	Microsoft Active Directory	Single Sign-on, Identity and Access Management
Qradar	Microsoft Azure	Virtualization, File Transfer/Storage, Flow Data, Single Sign-on, Multi Factor Authentication
Qradar	Microsoft Azure Front Door	Web Server
Qradar	Microsoft DHCP	DHCP
Qradar	Microsoft DNS	DNS
Qradar	Microsoft Defender for Cloud	Email Security, Cloud Application Security Broker, Network Intrusion Detection
Qradar	Microsoft Defender for Cloud Apps	Cloud Application Security Broker
Qradar	Microsoft Defender for Endpoint	Endpoint Detection
Qradar	Microsoft Defender for Office 365	Email Security
Qradar	Microsoft Entra ID	Identity and Access Management
Qradar	Microsoft Exchange	Email Server
Qradar	Microsoft HyperV	Virtualization
Qradar	Microsoft IIS	Web Server
Qradar	Microsoft Office 365	File Transfer/Storage, Email Security, Business Application
Qradar	Microsoft OneDrive	File Transfer/Storage
Qradar	Microsoft SCCM	IT Management
Qradar	Microsoft SQL Server	Database
Qradar	Microsoft Sharepoint	File Transfer/Storage
Qradar	Microsoft Windows	Operating System, Endpoint Detection
Qradar	Microsoft Windows Defender	Antivirus
Qradar	MikroTik RouterOS	Network Infrastructure, Firewall
Qradar	Mimecast Email Security	Email Security
Qradar	MongoDB Enterprise Advanced	Database
Qradar	N/A Syslog	Network Infrastructure
Qradar	NetIQ Access Manager	Single Sign-on
Qradar	Netgate pfSense	Network Infrastructure, Firewall, Remote Access
Qradar	Netmotion Enterprise VPN	Remote Access
Qradar	Netskope Security Cloud Platform	Forward Proxy, Data Loss Prevention, Cloud Application Security Broker
Qradar	Netwrix StealthDEFEND	User Behavior Analytics
Qradar	Nginx Web Server	Web Server
Qradar	Nortel VPN	Remote Access
Qradar	Nozomi Networks Central Management Console	IT Management, OT Security
Qradar	Nutanix Enterprise Cloud	Virtualization
Qradar	OSSEC HIDS	File Integrity Monitoring
Qradar	Obsidian Cloud Detection and Response	Cloud Application Security Broker
Qradar	Okta Identity	Identity and Access Management, Multi Factor Authentication, Single Sign-on
Qradar	OpenVPN OpenVPN	Remote Access
Qradar	Oracle Audit Vault	Database Activity Monitoring
Qradar	Oracle Database	Database
Qradar	Oracle MySQL	Database
Qradar	Palo Alto Cortex XDR	Endpoint Detection, Antivirus
Qradar	Palo Alto Networks Global Protect	Remote Access
Qradar	Palo Alto Networks IDS/IPS	Network Intrusion Detection
Qradar	Palo Alto Networks Prisma Cloud	Cloud Application Security Broker
Qradar	Palo Alto Networks URL Filtering	Forward Proxy
Qradar	Palo Alto Networks Wildfire	Network Intrusion Detection, Antivirus
Qradar	Palo Alto Networks XSOAR	Security Orchestration Automation and Response
Qradar	Palo Alto Next-Gen Firewall	Firewall
Qradar	Palo Alto Panorama	IT Management
Qradar	Ping Identity PingFederate	Multi Factor Authentication, Single Sign-on, Identity and Access Management
Qradar	Pleasant Password Server	Password Vault
Qradar	Postfix Mail Transfer Agent	Email Server
Qradar	ProFTPD ProFTPD	File Transfer/Storage
Qradar	Proofpoint Email Protection	Email Security
Qradar	Proofpoint TRAP	Email Security
Qradar	Proofpoint Targeted Attack Protection	Email Security
Qradar	Pulse Secure Pulse Connect Secure	Remote Access
Qradar	Pure Storage Platform	File Transfer/Storage
Qradar	Qualys Vulnerability Scanner	Vulnerability Scanner
Qradar	RSA SEcurID	Multi Factor Authentication
Qradar	RadWare Alteon	Reverse Proxy
Qradar	RadWare DefensePro	DDoS Protection
Qradar	RedHat JBoss	Web Server
Qradar	Riverbed SteelCentral	Flow Data
Qradar	SWIFT Banking Application	Business Application
Qradar	SalesForce SalesForce CRM	Business Application
Qradar	Saviynt Enterprise Identity Cloud	Identity and Access Management
Qradar	SecureAuth Identify Platform	Single Sign-on, Identity and Access Management
Qradar	SecureAuth MFA	Multi Factor Authentication
Qradar	SecureLink Remote Access Platform	Remote Access
Qradar	SecurityOnion Bro	Flow Data, DNS
Qradar	SentinelOne Endpoint Protection	Antivirus, Endpoint Detection
Qradar	SkyHigh Secure Web Gateway	Forward Proxy
Qradar	Snort/Suricata IDS/IPS	Network Intrusion Detection
Qradar	Snowflake Data Platform	Virtualization
Qradar	SolarWinds Orion	Performance Monitoring, IT Management
Qradar	SonicWALL Firewall	Firewall
Qradar	Sophos Antivirus	Antivirus
Qradar	Sophos Central	IT Management
Qradar	Sophos Enterprise Console	IT Management
Qradar	Sophos Intercept X	Endpoint Detection
Qradar	Sophos UTM	Firewall
Qradar	Sophos XG Firewall	Firewall
Qradar	Squid Proxy	Forward Proxy, Reverse Proxy
Qradar	Symantec DLP	Data Loss Prevention
Qradar	Symantec Email Security Cloud	Email Security
Qradar	Symantec Endpoint Protection	Firewall, Antivirus
Qradar	Symantec Secure Web Gateway	Network Intrusion Detection, Forward Proxy
Qradar	Tanium Protect	Endpoint Detection
Qradar	Trellix Cloud Security	Cloud Application Security Broker
Qradar	Trellix Data Loss Prevention	Data Loss Prevention
Qradar	Trellix Email Security	Email Security
Qradar	Trellix Endpoint Security (ENS)	Antivirus, Endpoint Detection, Data Loss Prevention
Qradar	Trellix Endpoint Security (HX)	Endpoint Detection, Antivirus
Qradar	Trellix Enterprise Security Manager	IT Management
Qradar	Trellix Intrusion Prevention System	Network Intrusion Detection
Qradar	Trellix Network Security	Network Intrusion Detection
Qradar	Trend Micro Apex One	Antivirus, Endpoint Detection
Qradar	Trend Micro Deep Security	Antivirus, Endpoint Detection
Qradar	Trend Micro Tipping Point UnityOne	Network Intrusion Detection
Qradar	Trend Micro Vision One	Endpoint Detection, Antivirus
Qradar	Trend Micro Worry Free	IT Management
Qradar	Tripwire Enterprise	File Integrity Monitoring
Qradar	Ubiquiti UniFi	Wireless Intrusion Detection, Network Infrastructure
Qradar	VMware Airwatch	Mobile Device Management
Qradar	VMware Carbon Black App Control	File Integrity Monitoring
Qradar	VMware Carbon Black Cloud Audit and Remediation	IT Management
Qradar	VMware Carbon Black Cloud Endpoint Standard	Antivirus
Qradar	VMware Carbon Black Cloud Enterprise EDR	Endpoint Detection
Qradar	VMware Carbon Black EDR	Endpoint Detection
Qradar	VMware ESXi	Virtualization
Qradar	VMware Horizon	Remote Access
Qradar	VMware vCenter	Virtualization
Qradar	VMware vRealize Operations	IT Management
Qradar	VMware vSphere	Virtualization
Qradar	Varonis DatAlert	User Behavior Analytics
Qradar	Varonis Datadvantage	File Integrity Monitoring
Qradar	Vectra Cognito	Network Intrusion Detection
Qradar	Verdasys Digital Guardian	Data Loss Prevention
Qradar	WatchGuard Fireware	Antivirus, Network Intrusion Detection, Forward Proxy, Data Loss Prevention, Firewall
Qradar	Wazuh Open Source Security Platform	Endpoint Detection
Qradar	Wiz Wiz	Cloud Application Security Broker
Qradar	Workday Enterprise Management Cloud	Business Application
Qradar	Zoho ManageEngine	Password Vault, IT Management
Qradar	Zscaler Internet Access	DNS, Forward Proxy, Firewall, Network Intrusion Detection, Data Loss Prevention
Qradar	Zscaler Private Access	Remote Access
Splunk	nix nix	Endpoint Detection, Operating System
Splunk	*nix auditd	Endpoint Detection
Splunk	Amazon AWS CloudTrail	Virtualization
Splunk	Amazon GuardDuty	Network Intrusion Detection
Splunk	Check Point Firewall	Firewall
Splunk	Check Point SmartDefense	Network Intrusion Detection
Splunk	Check Point URL Filtering	Forward Proxy
Splunk	Cisco Adaptive Security Appliance	Remote Access, Firewall
Splunk	Cisco AnyConnect	Remote Access
Splunk	Cisco Duo Security	Multi Factor Authentication, Single Sign-on
Splunk	Cisco FirePower	Network Intrusion Detection, Firewall
Splunk	Cisco Identity Services Engine (ISE)	Identity and Access Management, Network Access Control
Splunk	Cisco Meraki	Network Infrastructure, Forward Proxy, DHCP, Network Access Control, Wireless Intrusion Detection, Firewall, Network Intrusion Detection
Splunk	Cisco NX-OS/IOS	Network Infrastructure
Splunk	Cisco eStreamer	Network Infrastructure
Splunk	Citrix Netscaler	Remote Access
Splunk	CloudFlare CDN	DDoS Protection, Web Server
Splunk	CloudFlare WAF	Web Application Firewall
Splunk	CrowdStrike Falcon Insight	Endpoint Detection
Splunk	CrowdStrike Falcon Prevent	Antivirus
Splunk	CyberArk Enterprise Password Vault	Password Vault
Splunk	CyberArk Privileged Threat Analytics	Privileged Access Management
Splunk	CyberArk Workforce Identify	Identity and Access Management, Single Sign-on, Multi Factor Authentication
Splunk	Darktrace Detect	Network Intrusion Detection, User Behavior Analytics
Splunk	Delinea Secret Server	Privileged Access Management, Password Vault
Splunk	ExtraHop Reveal(X)	Network Intrusion Detection
Splunk	Fortinet FortiGate NGFW	Remote Access, Firewall, Data Loss Prevention, DNS, Network Intrusion Detection, Web Application Firewall, Forward Proxy
Splunk	Google Cloud Platform	Virtualization, Identity and Access Management, Data Loss Prevention
Splunk	Google Workspace	File Transfer/Storage, Email Server, Email Security, Business Application
Splunk	JumpCloud Directory Platform	Identity and Access Management, Multi Factor Authentication, Single Sign-on, Mobile Device Management
Splunk	Kubernetes Kubernetes	Virtualization
Splunk	Microsoft Active Directory	Identity and Access Management, Single Sign-on
Splunk	Microsoft Azure	Virtualization, Multi Factor Authentication, Single Sign-on, Flow Data, File Transfer/Storage
Splunk	Microsoft Azure Key Vault	Password Vault
Splunk	Microsoft DHCP	DHCP
Splunk	Microsoft DNS	DNS
Splunk	Microsoft Defender for Cloud	Network Intrusion Detection, Email Security, Cloud Application Security Broker
Splunk	Microsoft Defender for Cloud Apps	Cloud Application Security Broker
Splunk	Microsoft Defender for Endpoint	Endpoint Detection
Splunk	Microsoft Defender for Identity	User Behavior Analytics
Splunk	Microsoft Defender for Office 365	Email Security
Splunk	Microsoft Entra ID	Identity and Access Management
Splunk	Microsoft Exchange	Email Server
Splunk	Microsoft IIS	Web Server
Splunk	Microsoft Office 365	Email Security, File Transfer/Storage, Business Application
Splunk	Microsoft OneDrive	File Transfer/Storage
Splunk	Microsoft Purview	Data Loss Prevention, Cloud Application Security Broker
Splunk	Microsoft Windows	Endpoint Detection, Operating System
Splunk	Microsoft Windows Defender	Antivirus
Splunk	Mimecast Email Security	Email Security
Splunk	Netskope Security Cloud Platform	Data Loss Prevention, Forward Proxy, Cloud Application Security Broker
Splunk	Okta Identity	Identity and Access Management, Single Sign-on, Multi Factor Authentication
Splunk	Oracle MySQL	Database
Splunk	Palo Alto Cortex XDR	Antivirus, Endpoint Detection
Splunk	Palo Alto Networks Global Protect	Remote Access
Splunk	Palo Alto Networks IDS/IPS	Network Intrusion Detection
Splunk	Palo Alto Networks Prisma Cloud	Cloud Application Security Broker
Splunk	Palo Alto Networks URL Filtering	Forward Proxy
Splunk	Palo Alto Networks Wildfire	Network Intrusion Detection, Antivirus
Splunk	Palo Alto Networks XSOAR	Security Orchestration Automation and Response
Splunk	Palo Alto Next-Gen Firewall	Firewall
Splunk	Palo Alto Panorama	IT Management
Splunk	Ping Identity PingFederate	Single Sign-on, Identity and Access Management, Multi Factor Authentication
Splunk	Proofpoint Targeted Attack Protection	Email Security
Splunk	Pulse Secure Pulse Connect Secure	Remote Access
Splunk	SalesForce SalesForce CRM	Business Application
Splunk	Trellix Endpoint Security (ENS)	Endpoint Detection, Data Loss Prevention, Antivirus
Splunk	Trend Micro Apex One	Antivirus, Endpoint Detection
Splunk	VMware Carbon Black Cloud Endpoint Standard	Antivirus
Splunk	VMware Carbon Black Cloud Enterprise EDR	Endpoint Detection
Splunk	Websense Content Gateway	Forward Proxy
Splunk	Workday Enterprise Management Cloud	Business Application
Splunk	Zscaler Internet Access	Data Loss Prevention, Forward Proxy, DNS, Network Intrusion Detection, Firewall
Splunk	Zscaler Private Access	Remote Access
Sumo Logic	Microsoft Azure	Virtualization, Single Sign-on, Flow Data, Multi Factor Authentication, File Transfer/Storage
Sumo Logic	Microsoft Entra ID	Identity and Access Management
Sumo Logic	Microsoft Office 365	File Transfer/Storage, Business Application, Email Security
Sumo Logic	Okta Identity	Multi Factor Authentication, Single Sign-on, Identity and Access Management
Sumo Logic	SentinelOne Endpoint Protection	Antivirus, Endpoint Detection

Rest Assured: Has Your EDR Implementation Set You Up for Success?

All Supported Log Source Technologies