...
Technology | Data table name |
---|---|
Akamai | cef0.akamai.akamai_siem |
Amazon Web Services | cef0.amazon.* |
AnubisNetworks Cyberfeed | |
Akamai Logger | cef0.arcsight.logger |
AWN CyberSOC | |
AWS VPC Flow Log | cef0.aws.vpcFlow |
Barracuda Web Application Firewall | cef0.barracuda.waf |
Barracuda Networks | cef0.barracudanetworks |
Blue Coat Systems | cef0.bluecoat |
Carbon Black Protection | cef1.carbonBlack.protection |
Check Point | |
Check Point Application Control | cef0.checkPoint.applicationControl |
Check Point dshield agent log | cef0.checkPoint.stormagent |
Check Point Firewall | |
Check Point Log Exporter | cef0.checkPoint.logUpdate (shown as cef0.check-point.log-update) |
Check Point Security Compliance | |
Check Point Security Gateway | |
Check Point Security Management Appliances | cef0.checkPoint.securityManagementServer |
Check Point SmartDashboard | cef0.checkPoint.smartdashboard |
Check Point SmartDefense | cef0.checkPoint.smartdefense |
Check Point SmartView | |
Check Point VPN Solutions | |
Cisco ASA | cef0.cisco.asa |
Cisco Email Security | cef0.cisco.ironport |
Cisco FWSM | cef0.cisco.fwsm |
Cisco Intrusion Detection System | cef0.cisco.ciscoIntrusionPreventionSystem |
Cisco Meraki Access Point | cef0.cisco.merakiAccessPoint |
Cisco NX-OS Software | cef0.cisco.nxOs |
Cisco routers | cef0.cisco.ciscorouter |
Cisco Secure Access Control System | cef0.cisco.ciscoSecureAcs |
Cisco/Sourcefire FireSIGHT System Event Streamer (eStreamer) | cef0.sourcefire.sourcefireManagementConsoleEstreamer |
Crowdstrike Falcon Host | cef0.crowdstrike.falconhost |
CyberArk Enterprise Password Vault | cef0.cyberArk.vault |
Cybereason | cef0.cybereason.* |
F5 ASM | cef0.f5.asm |
F5 BIG-IP Application Services | cef0.f5.bigIp |
Fireeye Email Security | |
Forcepoint Data Loss Prevention | cef0.forcepoint.forcepointDlp |
Forcepoint Firewall | cef0.forcepoint.firewall |
Forcepoint Web Security | cef0.forcepoint.security |
Forescout CounterACT | |
Fortinet FortiGate | |
IBM AS/400 | cef0.ibm.as400 |
IBM Guardium | cef0.ibm.guardium |
IBM Security | cef0.ibm.securityAccessManager |
Imperva Attack Analytics | cef0.impervaInc.attackAnalytics |
Imperva SecureSphere MX Management Server | cef0.impervaMx.securesphere |
Infoblox Network Identity Operating System | cef0.infoblox.nios |
Ipswitch Secure File Transfer Software | cef0.ipswitch.sftp |
Juniper Junos OS | cef0.juniper.junos |
Juniper NetScreen Security | cef0.juniper.netscreenVpn |
Juniper Network & Security Manager | cef0.juniper.nsm |
Juniper ScreenOS Firewall | cef0.netscreen.firewallVpn |
Juniper SSL VPN | cef0.juniper.juniperSsl |
Kaspersky | |
Lumension Endpoint Management and Security | cef0.lumension.lumension |
Malwarebytes | cef0.malwarebytes.malwarebytes-endpoint-protection |
McAfee ePolicy Orchestrator (McAfee ePO) | cef0.mcafee.epolicyOrchestrator |
McAfee Host Intrusion Prevention | cef0.mcafee.hostIntrusionPrevention |
McAfee Next Generation Firewall | cef0.mcafee.firewall |
McAfee Secure Internet Gateway | cef0.mcafee.secureInternetGateway |
Micro Focus ArcSight | |
Microsoft Cloud App Security | cef0.mcas.siemAgent |
Microsoft DNS trace log | cef0.microsoft.dnsTraceLog |
Microsoft Defender ATP (now Microsoft Defender for Endpoint) | cef0.microsoft.windowsDefenderAtp |
Microsoft Exchange Server | cef0.microsoft.exchangeServer |
Microsoft Forefront Protection | cef0.microsoft.forefrontProtection |
Microsoft Forefront Threat Management Gateway | cef0.microsoft.isaServer |
Microsoft IIS | cef0.microsoft.internetInformationServer |
Microsoft Network Policy Server | cef0.microsoft.nps |
Microsoft SQL Server | cef0.microsoft.sqlServer |
Microsoft System Center Configuration Manager | cef0.microsoft.sccm_fep |
Microsoft system events | cef0.microsoft.systemOrApplicationEvent |
Microsoft Windows | cef0.microsoft.microsoftWindows |
Nagios Network Monitoring | cef0.nagios.nagios |
Palo Alto Networks PAN-OS | cef0.paloAltoNetworks.panOs |
Powertech SIEM Agent | cef0.powertech.siemAgent |
Preempt Behavioral Firewall | cef0.preemptsecurity.pbf |
Proofpoint Messaging Security Gateway | cef0.proofpoint.messagingSecurityGateway |
Qualys | cef0.qualys.qualys |
RSA Identity Management and Governance | cef0.rsa.identityManagementService |
SAP - Security Audit Log | cef0.sap.securityAuditLog |
Snort Intrusion Detection (Open source) | cef0.snort.snort |
SonicWall | cef0.sonicwall |
Sophos Anti-Virus | cef0.sophos.sophosAntiVirus |
Sophos XG firewall | cef0.sophos.xg |
Stonesoft Firewall | |
Symantec | cef0.symantec.symantec |
Symantec Data Loss Prevention | cef0.symantec.dlp |
Symantec Email Security | cef0.symantec.mailSecurityAppliance |
Symantec Endpoint Protection Mobile | cef0.symantec.symantecEndpointProtectionMobile |
Symantec ProxySG | |
Trend Micro Control Manager | |
Trend Micro Deep Discovery Analyzer | cef0.trendMicro.deepDiscoveryAnalyzer |
Trend Micro TippingPoint Unity One IPS | cef0.trendMicro.deepDiscoveryDirector. To start sending data to Devo using this tag, you must configure some parameters: go to Policies → Common Objects → Other → Syslog Configuration and enter the following data. Server Name: If the customer has dedicated data nodes, it should use the endpoint provided by Devo. |
Trend Micro XDR | cef0.trendmicro.xdr |
Tripwire Enterprise | cef0.tripwire.enterprise |
Unix Sendmail | cef0.unix.sendmail |
VMware ESX | cef0.vmware.esx |
Watchguards XTM 11.x.x. | cef0.watchguards.xtm330 |
Websense (now part of Forcepoint) | cef0.websense.security |
Zscaler |
...