Third-Party Log Collection supported vendors and products

Views:

Find the products supported by Trend Vision One for third-party log ingestion.

Logs from any product that can send logs in syslog format (including CEF and LEEF formats) can be ingested into Trend Vision One via collectors connected to log repositories in Third-Party Log Collection. Trend Vision One also provides dedicated connectors to ingest log data from the following cloud products:

Microsoft Defender for Endpoint
AWS CloudTrail
AWS VPC Flow Logs
AWS WAF
Amazon Route53 Resolver Query Logs
AWS EKS Audit Logs
AWS Security Hub
Azure Activity logs
Microsoft Entra ID

To ingest log data from products that do not support syslog format or do not have dedicated connectors or integrations in Trend Vision One, you must first convert the logs into syslog format before forwarding the data to Trend Vision One.

The following vendors, products, and log types are selectable when configuring a collector for a log repository in Third-Party Log Collection.

Vendor	Product
1Password	1Password Extended Access Management Extended Access Management
A10 Networks	Load Balancer
Abnormal AI	Abnormal Human Behavior AI Platform
Absolute Software Corporation	Absolute Secure Endpoint
Acalvio Technologies, Inc.	Alcalvio ShadowPlex
Active Countermeasures, Inc.	AC-Hunter
ADTRAN Holdings, Inc.	ADVA Fiber Service Platform
Advanced Micro Devices, Inc. (AMD)	Pensando DSS
Agiloft, Inc.	Agiloft Data-first Agreement Platform
Airlock Digital Pty Ltd	Airlock Digital Allowlisting
Akamai Technologies, Inc.	App & API Protector Cloud Monitor DataStream 2 Edge DNS Enterprise Application Access Guardicore Segmentation SIEM Integration
Akeyless.io Ltd.	Akeyless Vaultless Platform
Alcatel-Lucent Enterprise	OmniSwitch
AlgoSec, Inc.	AlgoSec Security Management Suite
AlphaSOC, Inc.	AlphaSOC
Amazon Web Services, Inc.	Amazon API Gateway Amazon Aurora Amazon CloudFront Amazon CloudWatch Amazon EC2 Amazon EC2 Dedicated Host Amazon ECS Container Insights Amazon EMR Amazon GuardDuty Amazon Inspector Amazon Macie Amazon RDS Amazon Redshift Amazon Route 53 Amazon S3 Amazon Virtual Private Cloud AWS Client VPN AWS CloudTrail AWS Config AWS Control Tower AWS Identity and Access Management (IAM) AWS Key Management Service AWS Lambda AWS Network Firewall AWS Security Hub AWS Systems Manager Session Manager AWS WAF Elastic Load Balancing VPC flow logs VPC flow logs (CSV) VPC Transit Gateway flow logs
Anomali Inc.	Anomali ThreatStream
Apache Software Foundation	Apache Cassandra Apache Hadoop Apache HTTP Server Apache Tomcat
Appian Corporation	Appian Protect
Apple Inc.	Endpoint Security macOS
AppOmni Inc.	AppOmni SaaS Security Platform
Aqua Security Software Ltd	Aqua Platform
Archer Technologies LLC	Archer
Arctic Wolf Networks Inc.	Aurora Protect
Arista Networks, Inc.	Arista NDR Arista switches Converged Cloud Fabric (CCF)
Armis, Inc.	Armis Centrix Armis Centrix for Early Warning Armis Centrix for OT/ IoT Security Armis Centrix for Vulnerability Prioritization and Remediation
Array Networks, Inc.	AG SSL VPN
Asimily Inc.	Asimily
Asset Panda LLC	Asset Panda
Atlassian Corporation Plc	Atlassian Cloud audit logs Bitbucket Confluence Jira
Automation Anywhere, Inc.	Automation Anywhere
Avatier Corporation	Identity Anywhere Password Management
Avaya LLC	Avaya Experience Portal
Azion Corporation	Azion Edge Firewall
Barracuda Networks, Inc.	Barracuda CloudGen Firewall Barracuda Email Protection Barracuda Web Application Firewall Barracuda Web Security Gateway
BeyondTrust Software, Inc.	BeyondInsight BeyondTrust Endpoint Privilege Management BeyondTrust Modern PAM activity logs BeyondTrust Privileged Identity BeyondTrust Privileged Remote Access
Bindplane, Inc.	Bindplane
Bitwarden, Inc.	Bitwarden
BlueCat Networks, Inc.	BlueCat Edge BlueCat Integrity
BMC Software, Inc.	BMC AMI Defender BMC Helix Client Management BMC Helix Discovery
Box, Inc.	Box
Broadcom Inc.	ACF2 Broadcom Support Portal Brocade ServerIron ADX Brocade switches CA Access Control CA Privileged Access Manager Carbon Black App Control Carbon Black EDR Layer7 SiteMinder LDAP Server for z/OS Symantec Edge Secure Web Gateway (SWG) Symantec SSL Visibility Appliance
Cambium Networks Corporation	cnMaestro
Cato Networks Ltd.	Cato SASE Cloud
CD Foundation	Jenkins
Censys, Inc.	Censys
Center for Internet Security, Inc. (CIS)	Albert Network Monitoring
Centripetal Networks, Inc.	CleanINTERNET
Cequence Security, Inc.	Cequence Bot Management
Check Point Software Technologies Ltd.	CloudGuard CNAPP Harmony Connect Harmony Email & Collaboration Quantum firewalls SandBlast SmartDefense
Ciena Corporation	Ciena routers
Cimcor, Inc.	CimTrak
CircleCI, Inc.	CircleCI
Cisco Systems, Inc.	AnyConnect Secure Mobility Client Catalyst SD_WAN Cisco ACE Cisco ACI Cisco APIC Cisco ASA Cisco Catalyst Center Cisco Cloudlock Cisco Duo activity logs Cisco Duo administrator actions Cisco Duo entity context data Cisco Duo Passport Cisco Duo telephony logs Cisco Duo user context Cisco Event Streamer Cisco Expressway Cisco FireSIGHT Management Center Cisco Firepower NGFW Cisco IOS Cisco IOS DHCP Server Cisco Meraki Cisco NX-OS Cisco PIX Cisco Prime Cisco Secure Access Control Server Cisco Secure Email Cisco Secure Email and Web Manager Cisco Secure Endpoint Cisco Secure Network Analytics Cisco Secure Web Appliance Cisco Secure Workload Cisco Services Modules Cisco TrustSec Cisco UCS Cisco Umbrella Cisco Umbrella Cloud-Delivered Firewall Cisco Unified Communications Manager Cisco Unity Connection Cisco Vision Dynamic Signage Director Cisco Wireless Control System Cisco aWIPS Cisco routers Cisco switches ISE TACACS+
Cisco Talos	ClamAV
Citrix Systems, Inc.	Citrix Workspace Monitor NetScaler StoreFront
Claroty, Inc.	Claroty Continuous Threat Detection (CTD) Claroty Enterprise Management Console (EMC) Claroty xDome
Cloud Native Computing Foundation	Fluentd Keycloak Kubectl auth-proxy Kubernetes Audit Logs Kubernetes Node
Cloudflare, Inc.	Cloudflare Area 1 Cloudflare Audit Logs Cloudflare Network Analytics Cloudflare Page Shield Cloudflare WAF Cloudflare for SaaS WARP
Cloudian	Cloudian HyperStore
CloudM	CloudM Automate
CloudPassage, Inc.	CloudPassage Halo
Cofense, Inc.	Cofense PDR
Cohesity, Inc.	NetBackup
Colinet Trotta S.A.	GAUS mp
comforte AG	SecurDPS
Commvault Systems, Inc.	Commvault CommCell
Corelight, Inc.	Open NDR Platform
Cribl	Cribl Stream
CrowdStrike Holdings, Inc.	CrowdStrike Falcon Adversary Intelligence CrowdStrike Falcon Endpoint Security CrowdStrike Falcon Event Streams CrowdStrike Falcon Identity Protection CrowdStrike Falcon Next-Gen SIEM Falcon FileVantage
CrushFTP, LLC	CrushFTP
Cyber 2.0	Cyber 2.0 Detection System
CyberArk Software Ltd.	CyberArk Endpoint Privilege Manager CyberArk Privileged Access Manager CyberArk Privileged Threat Analytics CyberArk Secure Cloud Access
Cybereason	Cybereason EDR
Cynet	Cynet All-in-One
Cyolo Ltd.	Cyolo PRO
Darktrace Holdings Ltd	Darktrace / NETWORK
Datadog, Inc.	Datadog Network Monitoring
Dataminr	Dataminr First Alert
Datto, Inc.	Datto File Protection
Deep Instinct	Deep Instinct DSX
Delinea Inc.	Privileged Access Service Privileged Remote Access Secret Server Secret Server Distributed Engine
Dell Technologies Inc.	CyberSense Dell ECS Dell EMC PowerScale Dell OpenManage Dell PowerProtect Data Domain Dell PowerStore Dell PowerSwitch
Department of Health and Human Services	Enterprise Security Services
Digi International	Digi Remote Manager
DigiCert Inc.	DigiCert Solutions Infrastructure Security
Digital Arts Inc.	i-Filter
Digital Monitoring Products	Physical security solutions
DNSFilter, Inc.	DNSFilter Data Export
DomainTools	Threat Intelligence Feeds
dope.security	dope.swg
Druva Inc.	Druva Data Protection
Edgio	Edgio WAF
EfficientIP	EfficientIP SOLIDserver DDI
Elastic	Auditbeat Elastic Defend Elasticsearch Packetbeat Winlogbeat
Emerson Electric Co.	File Scanning Framework (FSF)
Entrust Corp.	Entrust nShield HSM
Epic Systems Corporation	Epic
Ergon Informatik AG	Ergon Airlock IAM
ESET	ESET Enterprise Inspector ESET NOD32 Antivirus ESET Threat Intelligence
ExtraHop Networks	ExtraHop RevealX
Extreme Networks, Inc.	Extreme Networks switches Extreme Platform ONE
F5, Inc.	BIG-IP Access Policy Manager F5 BIG-IP Advanced Firewall Manager F5 BIG-IP Advanced WAF F5 BIG-IP Application Security Manager F5 BIG-IP DNS F5 BIG-IP Local Traffic Manager F5 Distributed Cloud Services F5 Silverline
Fastly, Inc.	Fastly CDN Fastly Next-Gen Web Application Firewall
Fidelis Security	Fidelis Network Detection and Response
FileZilla	FileZilla
FingerprintJS, Inc.	Fingerprint
Fivetran	Fivetran
Forcepoint	Forcepoint CASB Forcepoint Data Loss Prevention Forcepoint Email Security Forcepoint Next-Generation Firewall Forcepoint Web Security
Forescout	eyeInspect Forescout Network Access Control
Fortinet, Inc.	FortiAnalyzer FortiAuthenticator FortiClient FortiDDoS FortiEDR FortiGate FortiGate DCHP FortiMail Email Security FortiManager FortiNAC FortiProxy FortiSandbox FortiSwitch FortiWeb Lacework FortiCNAPP Polygraph
Fortra LLC	Clearswift Digital Guardian Digital Guardian Endpoint Detection & Response Powertech SIEM Agent for IBM i
GFI Software	KerioControl Firewall
GitGuardian	GitGuardian
GitHub, Inc.	Dependabot GitHub Enterprise
GitLab Inc.	GitLab Dedicated
GMV	Checker ATM Security
Google	ChromeOS XDR Google Kubernetes Engine context logs Google SecOps SOAR Google SecOps custom IoCs Google Workspace Admin Chrome Enterprise management Mandiant Threat Intelligence
Google Cloud	Apigee Cloud NGFW Enterprise Cloud SWP Compute context logs Firewall Rule Logging Google App Engine Google BigQuery Google Cloud Audit Logs Google Cloud Compute Engine Google Cloud Data Loss Prevention Google Cloud DNS Google Cloud Functions context logs Google Cloud IDS Google Cloud Identity and Access Management Google Cloud Identity and Access Management IAM Policy Analyzer Google Cloud IoT Core Google Cloud Load Balancing Google Cloud Monitoring Google Cloud NAT Google Cloud Resource Manager Google Cloud Run Google Cloud SQL Google Cloud SQL context logs Google Cloud Security Command Center Risk Engine Google Cloud Security Command Center Security Posture Management Google Cloud Security Command Center Threat Detection Google Cloud Storage context logs Looker Network Connectivity Center reCAPTCHA Enterprise VPC Flow Logs
Google Open Source	Forseti Security
Google Workspace	Gmail Audit Logs Google Workspace Activities Google Workspace Admin Console ChromeOS device management Google Workspace Admin Console group management Google Workspace Admin Console mobile device management Google Workspace Admin Console roles and privileges Google Workspace Admin Console users Google Workspace Alerts
Gresham Technologies	Prime EDM
H3C	Comware
HackerOne	HackerOne
Halcyon	Halcyon Anti-Ransomware Platform
Hannes von Haugwitz	AIDE (Advanced Intrusion Detection Environment)
HAProxy Technologies	HAProxy
Harness	Harness AI DevOps Platform
HashiCorp	HashiCorp Vault Terraform Enterprise
HC Networks Co., Ltd.	Account@Adapter+
HCL Software	HCL BigFix
HID Global	DigitalPersona Reports
Hillstone Networks	Hillstone A-Series NGFW
Hitachi Vantara	Virtual Storage Platform One
Honeywell International Inc.	OnGuard
Hewlett Packard Enterprise	Aruba Networking Central BladeSystem c7000 Integrated Lights-Out (iLO) Nimble OS ProCurve switch Red Hat Enterprise Linux from HPE
HPE Aruba Networking	Aruba ClearPass HPE Aruba Networking Central Gateway IDS/IPS HPE Aruba Networking EdgeConnect SD-WAN HPE Aruba Networking Management Software (AirWave) HPE Aruba Networking switches HPE Aruba Networking wireless devices
HPE Juniper Networking	Juniper AI-driven SD-WAN Juniper Mist Juniper MX Series routers Juniper NGFW Junos OS
Huawei Technologies Co., Ltd.	Huawei switches
HYPR	HYPR Identity Assurance Platform
IBM	IBM AIX IBM CICS Transaction Server IBM Cloud Activity Tracker IBM DataPower Gateway IBM Db2 IBM DS8000 IBM Guardium IBM i IBM Informix IBM MaaS360 IBM OpenPages with Watson IBM Power Systems IBM QRadar SIEM IBM QRadar SOAR IBM Security Access Manager for Web WebSEAL IBM Security Identity Manager IBM Security Verify IBM Security Verify Access IBM Security Verify SaaS IBM Security zSecure Alert IBM Tape Storage Solutions IBM Tivoli IBM Websphere Application Server IBM z/OS
iboss	iboss Secure Cloud Gateway
Illumio	Illumio Core
Infoblox, Inc.	Infoblox DDI solutions Infoblox DNS Firewall with RPZ Infoblox Threat Defense
InfoExpress, Inc.	CyberGatekeeper
Ingrian Networks, Inc.	Ingrian DataSecure Appliance
Intel	Intel Endpoint Management Assistant
Intel 471	Verity471
Internet Systems Consortium, Inc.	BIND ISC DHCP Kea DHCP
InterSystems	InterSystems Caché
ION Group	ION Spectrum
IONIX	IONIX Attack Surface Management
Island	Island Enterprise Browser
Jadaptive	LogonBox Authenticator
Jamf	Jamf Pro Jamf Pro CMDB Jamf Pro context logs Jamf Protect alerts Jamf Protect telemetry Jamf Protect threat events Jamf Security Cloud
Jfrog	JFrog Artifactory
JumpCloud	JumpCloud Directory Insights
Kaspersky	Kaspersky Antivirus Kaspersky Endpoint Security
Keeper Security	Keeper Enterprise Security
Kemp Technologies	Kemp LoadMaster
Kisi	Kisi Access Control
Kiteworks, Inc.	Kiteworks Data Loss Prevention (DLP) Solution Kiteworks Private Data Network
KnowBe4	PhishER
Kong	Kong Gateway
Kyriba	Kyriba Treasury Management
LastPass	LastPass Password Management
LexisNexis Risk Solutions	FircoSoft
LimaCharlie	LimaCharlie SecOps Cloud
Linkshadow	LinkShadow CyberMeshX
Linux Foundation	Falco ISC DHCP Linux Auditing System (Auditd) systemd journald
Lookout, Inc.	Lookout Mobile Endpoint Security
Lucid Software Inc.	Lucid
Malwarebytes	ThreatDown Endpoint Detection and Response
Mandiant, Inc. (Google)	Mandiant Alerts
MariaDB Corporation	MariaDB
Mattermost, Inc	Mattermost
Microsoft	Sysmon for Linux
Mimecast Limited	Aware Governance & Compliance Suite Aware Signal Application Mimecast Incydr
Motorola Solutions, Inc.	Avigilon Unity Access
NCR Corporation	D3 Digital Banking
Netwrix Corporation	Endpoint Protector by CoSoSys
Niels Provos	Honeyd
Okta, Inc.	Auth0
Open Identity Platform Community	OpenAM OpenDJ OpenIdM
Open Text Corporation	OpenText Enterprise Security Manager
Paessler	PRTG
Palo Alto Networks, Inc.	Prisma SD-WAN
Ping Identity Corporation	ForgeRock Identity Cloud
Planetcast Media Services Limited	MAM.c
Progress Software	MOVEit Transfer MOVEit Transfer SFTP
Proofpoint, Inc.	ET PRO
Red Hat, Inc.	Ansible AWX
ReliaQuest	Digital Shadows SearchLight GreyMatter Threat Intelligence
S.C. Bitdefender S.R.L.	GravityZone Endpoint Detection and Response (EDR)
SentinelOne, Inc.	SentinelOne Singularity
Thales Group	CipherTrust Manager Imperva Advanced Bot Protection Imperva CEF logs Imperva Data Risk Analytics Imperva Data Security Fabric Imperva FlexProtect Imperva SecureSphere Imperva Web Application Firewall SafeNet Trusted Access SentinelOne Singularity Thales Attack Analytics Thales File Activity Monitoring
Trellix	Skyhigh Security Trellix Data Loss Prevention Trellix ePO Trellix ePolicy Orchestrator Trellix Email MPS Trellix Email Security Trellix Endpoint Forensics Trellix Endpoint Forensics audit logs Trellix Enterprise Security Manager Trellix MVISION Cloud Access Security Broker Trellix Network Security Trellix Network Security audit logs Trellix Packet Capture
Xcitium	Xcitium
Zoho Corporation	ManageEngine AD360 ManageEngine ADAudit Plus ManageEngine ADManager Plus ManageEngine Log360 ManageEngine Reporter Plus