Company | Product / service | Data tables |
---|
| AWS CloudTrail | cloud.aws.cloudtrail.access_analyzer cloud.aws.cloudtrail.acm cloud.aws.cloudtrail.acm_pca cloud.aws.cloudtrail.amazonmq cloud.aws.cloudtrail.apigateway cloud.aws.cloudtrail.appmesh cloud.aws.cloudtrail.appstream cloud.aws.cloudtrail.appsync cloud.aws.cloudtrail.athena cloud.aws.cloudtrail.backup cloud.aws.cloudtrail.batch cloud.aws.cloudtrail.billingconsole cloud.aws.cloudtrail.budgets cloud.aws.cloudtrail.cloudsearch cloud.aws.cloudtrail.cloudshell cloud.aws.cloudtrail.codeartifact cloud.aws.cloudtrail.codebuild cloud.aws.cloudtrail.codecommit cloud.aws.cloudtrail.codedeploy cloud.aws.cloudtrail.codepipeline cloud.aws.cloudtrail.cognito_identify cloud.aws.cloudtrail.cognito_idp cloud.aws.cloudtrail.comprehend cloud.aws.cloudtrail.config cloud.aws.cloudtrail.datapipeline cloud.aws.cloudtrail.dax cloud.aws.cloudtrail.digest_logfile cloud.aws.cloudtrail.digest_meta cloud.aws.cloudtrail.directconnect cloud.aws.cloudtrail.dms cloud.aws.cloudtrail.ds cloud.aws.cloudtrail.ecr_public cloud.aws.cloudtrail.ecs cloud.aws.cloudtrail.elasticache cloud.aws.cloudtrail.elasticbeanstalk cloud.aws.cloudtrail.elastictranscoder cloud.aws.cloudtrail.es cloud.aws.cloudtrail.firehose cloud.aws.cloudtrail.fsx cloud.aws.cloudtrail.glacier cloud.aws.cloudtrail.glue cloud.aws.cloudtrail.guardduty cloud.aws.cloudtrail.identifystore cloud.aws.cloudtrail.kafka cloud.aws.cloudtrail.kinesisanalytics cloud.aws.cloudtrail.kinesisvideo cloud.aws.cloudtrail.lakeformation cloud.aws.cloudtrail.license_manager cloud.aws.cloudtrail.lightsail cloud.aws.cloudtrail.mediaconnect cloud.aws.cloudtrail.mediaconvert cloud.aws.cloudtrail.mediapackage cloud.aws.cloudtrail.mediastore cloud.aws.cloudtrail.mediatailor cloud.aws.cloudtrail.network_firewall cloud.aws.cloudtrail.opsworks cloud.aws.cloudtrail.opsworks_cm cloud.aws.cloudtrail.pi cloud.aws.cloudtrail.pricelist cloud.aws.cloudtrail.ram cloud.aws.cloudtrail.rekognition cloud.aws.cloudtrail.route53domains cloud.aws.cloudtrail.route53resolver cloud.aws.cloudtrail.sagemaker cloud.aws.cloudtrail.savingsplans cloud.aws.cloudtrail.schemas cloud.aws.cloudtrail.securityhub cloud.aws.cloudtrail.servicecatalog cloud.aws.cloudtrail.servicecatalog_appregistry cloud.aws.cloudtrail.servicediscovery cloud.aws.cloudtrail.servicesquotas cloud.aws.cloudtrail.shield cloud.aws.cloudtrail.sms cloud.aws.cloudtrail.soo_directory cloud.aws.cloudtrail.ssm cloud.aws.cloudtrail.states cloud.aws.cloudtrail.storagegateway cloud.aws.cloudtrail.support cloud.aws.cloudtrail.swf cloud.aws.cloudtrail.translate cloud.aws.cloudtrail.trustedadvisor cloud.aws.cloudtrail.waf cloud.aws.cloudtrail.waf_regional cloud.aws.cloudtrail.wafv2 cloud.aws.cloudtrail.wellarchitected cloud.aws.cloudtrail.workspaces cloud.aws.cloudtrail.xray
Check more info about these parsers |
AWS CloudWatch | cloud.aws.cloudwatch.events
Check more info about this parser |
AWS Simple Queue Service (SQS) | |
AWS Web Application Firewall (WAF) | |
| Azure Active Directory | cloud.azure.ad.audit cloud.azure.ad.managed_identity_signin cloud.azure.ad.noninteractive_user_signin cloud.azure.ad.provisioning cloud.azure.ad.risky_users cloud.azure.ad.service_principal_signin cloud.azure.ad.signin cloud.azure.ad.user_risk_events
Check more info about these parsers |
Azure Activity log | cloud.azure.activity.events
Check more info about these parsers |
Azure App Service | cloud.azure.appservice.administrative cloud.azure.appservice.policy
Check more info about these parsers |
Azure Application Gateway | cloud.azure.appgetaway.access_log cloud.azure.appgetaway.administrative cloud.azure.appgetaway.firewall_log cloud.azure.appgetaway.policy
Check more info about these parsers |
Azure Container Registry | cloud.azure.contregistry.login
Check more info about these parsers |
Azure Data Factory | cloud.azure.datafactory.administrative
Check more info about these parsers |
Azure Database for PostgreSQL | cloud.azure.postgresql.events
Check more info about these parsers |
Azure Diagnostics extension | cloud.azure.wad.waddirectories cloud.azure.wad.wadperformancecounters cloud.azure.wad.wadwindowseventlogs
Check more info about these parsers |
Azure Event Hub | Check more info about these parsers |
Azure Firewall | cloud.azure.firewall.application_rule cloud.azure.firewall.network_rule cloud.azure.firewall.dns_proxy
Check more info about these parsers |
Azure Front Door | cloud.azure.frontdoor.access cloud.azure.frontdoor.waf
Check more info about these parsers |
Azure Host Pool | cloud.azure.hostpools cloud.azure.hostpools.agenthealthstatus cloud.azure.hostpools.checkpoint cloud.azure.hostpools.connection cloud.azure.hostpools.error cloud.azure.hostpools.management
Check more info about these parsers |
Azure Key Vault | cloud.azure.keyvault.administrative cloud.azure.keyvault.audit cloud.azure.keyvault.policy
Check more info about these parsers |
Azure Kubernetes Service | cloud.azure.aks.cluster_autoscaler cloud.azure.aks.guard cloud.azure.aks.kube_apiserver cloud.azure.aks.kube_audit cloud.azure.aks.kube_audit_admin cloud.azure.aks.kube_controller_manager cloud.azure.aks.kube_scheduler
Check more info about these parsers |
Azure Monitor | cloud.azure.monitor.alert cloud.azure.monitor.audit
Check more info about these parsers |
Azure Monitor Metrics | cloud.azure.metrics.metricsBlobLog cloud.azure.metrics.metricsCapacityBlob cloud.azure.metrics.metricsTableLog cloud.azure.metrics.metricsTransactionsBlob cloud.azure.metrics.metricsTransactionsQueue cloud.azure.metrics.metricsTransactionsTable
Check more info about these parsers |
Azure Monitor Metrics: other metrics | cloud.azure.others.administrative cloud.azure.others.autoscale cloud.azure.others.events cloud.azure.others.policy cloud.azure.others.recommendation cloud.azure.others.resourcehealth
Check more info about these parsers |
Azure Network Security | cloud.azure.sec.nsg cloud.azure.sec.rms
Check more info about these parsers |
Azure Security Center | cloud.azure.securitycenter.security
Check more info about these parsers |
Azure Service Bus | cloud.azure.servicebus.metrics cloud.azure.servicebus.operational
Check more info about these parsers
|
Azure Site Recovery | cloud.azure.siterecovery.addon_backup_jobs cloud.azure.siterecovery.addon_backup_policy cloud.azure.siterecovery.addon_backup_protected_inst cloud.azure.siterecovery.addon_backup_storage cloud.azure.siterecovery.backup_report cloud.azure.siterecovery.core_backup cloud.azure.siterecovery.net_sec_group_event cloud.azure.siterecovery.net_sec_group_rule_counter cloud.azure.siterecovery.site_rec_recovery_points cloud.azure.siterecovery.site_rec_rep_stats cloud.azure.siterecovery.site_rec_replicated_items
Check more info about these parsers |
Azure SQL Database | cloud.azure.sql.automatic_tuning cloud.azure.sql.resourceusagestats cloud.azure.sql.securityauditevents cloud.azure.sql.query_store_runtime
Check more info about these parsers |
Azure Storage Server | cloud.azure.storage.administrative
Check more info about these parsers |
Azure Virtual Machines | cloud.azure.vm.administrative cloud.azure.vm.metrics_simple cloud.azure.vm.policy cloud.azure.vm.resourcehealth
Check more info about these parsers |
Azure Virtual Machine Scale Sets | cloud.azure.vmscalesets.administrative cloud.azure.vmscalesets.autoscale cloud.azure.vmscalesets.policy cloud.azure.vmscalesets.resourcehealth
Check more info about these parsers |
| Box cloud content management | Check more info about these parsers |
| Cloudflare | cloud.cloudflare.logpush.<eventType> cloud.cloudflare.logpush.http
Check more info about these parsers |
| Cloud Foundry application | cloud.cloud_foundry.application cloud.cloud_foundry.uaa cloud.cloud_foundry.credhub cloud.cloud_foundry.bosh
Check more info about these parsers |
| Google Cloud | cloud.gcp.scc.event_threat
Check more info about these parsers |
| Cisco Meraki | cloud.meraki.api.changelog
Check more info about these parsers |
| Netskope cloud | |
| Microsoft Office 365 (hosted on Azure) | cloud.office365.exchange cloud.office365.management cloud.office365.messagetracing
Check more info about these parsers |
Microsoft Office 365 Business event and alert logs | cloud.office365.siem_agent_event cloud.office365.siem_agent_alert
Check more info about these parsers |
| Rubrik cloud data management | |
| VMware Tanzu Operations Manager | cloud.vmware_tanmzu.opsmanager.audit
Check more info about these parsers |