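Elastic Integrations
Stream in logs, metrics, traces, content, and more from your applications, endpoints, infrastructure, cloud, network, workplace tools, and every other common source in your ecosystem. Send alerts to your notification tool of choice. Connect to all the systems that matter with ease.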

1Password

Abnormal Security

Abuse.ch Malware & URL Threat Intel

Active Directory Entity Analytics

ActiveMQ

Admin By Request EPM

AlienVault Open Threat Exchange (OTX)

Amazon Bedrock
Amazon CloudWatch
Amazon EC2

Amazon GuardDuty
Amazon S3

Amazon Security Lake
Amazon VPC
Anomali ThreatStream
Apache

Arista Firewall

auditd

Auditd Manager

Auth0

Authentik
AWS CloudTrail
AWS Elastic Load Balancing

AWS Inspector

AWS Security Hub

AWS WAF
Azure Activity Logs
Azure Audit Logs
Azure Event Hub

Azure Firewall

Azure Front Door

Azure Network Watcher

Azure OpenAI
Azure WAF

Barracuda CloudGen Firewall

Barracuda WAF

BBOT
Beats

BeyondTrust BeyondInsight

BitDefender
Bitwarden

blacklens.io

Box Events

Bravura Monitor

Broadcom ProxySG

Canva

Check Point Email & Collaboration

Check Point Firewall

Check Point Harmony Endpoint

Cilium Tetragon

CISA Known Exploited Vulnerabilities

Cisco Aironet
Cisco ASA

Cisco Duo
Cisco Firepower Threat Defense
Cisco IOS
Cisco Nexus

Cisco Secure Endpoint

Cisco Umbrella

Citrix Web Application Firewall

Claroty CTD

Cloudflare

Collective Intelligence Framework
Common Event Format (CEF)

Corelight

Cribl

CrowdStrike Falcon

CrowdStrike Falcon Intelligence

Custom Threat Intelligence
Custom Windows event logs
Customized Connector

CyberArk EPM

CyberArk Privileged Access Security

CyberArk Privileged Threat Analytics

Cybereason
Cybersixgill

Darktrace
Data Exfiltration Detection

Digital Guardian

EclecticIQ
Elastic Agent


ESET Protect

ESET Threat Intelligence

F5 BIG-IP

Falco

FireEye Network Security

First EPSS
Fleet Server

Forcepoint

Forcepoint Web Security

ForgeRock

Fortinet FortiEDR

Fortinet FortiGate

Fortinet FortiMail

Fortinet FortiManager

Fortinet FortiProxy

Gigamon

Gitlab

GoFlow2
Google Cloud
Google Cloud Audit
Google Cloud Firewall
Google Cloud VPC

Google Santa

Google SecOps

Google Security Command Center

Hashicorp Vault
HTTP
IBM MQ

IBM Resilient
Icinga

Imperva Cloud WAF

Imperva WAF

Infoblox BloxOne DDI

Infoblox NIOS
iptables

Jamf Compliance Reporter

Jamf Pro

Jamf Protect

JumpCloud

Juniper SRX Series
Kafka

Keycloak

LastPass
Linux Audit Framework
Linux systemd journals

Log files (Generic)
LotL Attack Detection

Lumos

Lyve Cloud

Maltiverse

Malware Information Sharing Platform (MISP)

Mandiant Advantage

Mattermost

Menlo Security

Microsoft 365 Defender

Microsoft Defender for Cloud

Microsoft Defender for Endpoint

Microsoft DHCP Server

Microsoft DNS Server

Microsoft Entra ID

Microsoft Exchange Message Trace

Microsoft Exchange Server

Microsoft Graph Activity

Microsoft Sentinel
Microsoft SQL Server
MongoDB
NATS
NetFlow
NGINX
NGINX Ingress Controller

Okta

Okta Entity Analytics

OpenCanary

OpenCTI
Osquery Log Collection
Osquery Manager
PagerDuty

Palo Alto Cortex XDR

Palo Alto Prisma Access
Palo Alto Prisma Cloud
Pensando

pfSense

Ping Federate

Ping Identity PingOne

Pleasant Password Server
PostgreSQL

PowerShell
Prebuilt Security Detection Rules

Proofpoint OnDemand

Proofpoint Targeted Attack Protection (TAP)

Pulse Connect Secure

Qualys VMDR
RabbitMQ

Rapid7 InsightVM

Rapid7 Threat Command

Recorded Future

Sailpoint Identity Security Cloud

SentinelOne

SentinelOne Cloud Funnel
ServiceNow ITOM
ServiceNow SecOps
SNMP

Snort

Snyk

Sonicwall Firewall

Sophos Central

Sophos UTM

Sophos XG Firewall

SpyCloud

Squid Proxy

Stormshield Network Security

Sublime Security

Suricata

Symantec Endpoint Protection

Sysdig

syslog

Syslog Router
Sysmon
Sysmon for Linux

System
System Audit

Tanium

Teleport
Tenable Vulnerability Management

ThreatConnect

ThreatQuotient

Thycotic Secret Server

Torq

Traefik
Trellix EDR Cloud

Trellix ePO

Trend Micro Deep Security

Trend Vision One

Tychon
Vectra Detect

VMware Carbon Black EDR

WatchGuard Firebox

Web Crawler
Webhook
Windows
Wiz

xMatters

Zeek (Bro)

Zero Networks
ZeroFox
Airflow

Akamai
Amazon CloudFront
Amazon DynamoDB
Amazon EBS

Amazon EMR
Amazon Kinesis Data Firehose

Amazon MQ
Amazon RDS
Amazon Redshift
Amazon S3 Storage Lens
Amazon SNS
Amazon VPC NAT Gateway
Apache Spark

Apache Tomcat

AWS API Gateway
AWS Billing
AWS Fargate
AWS Network Firewall
AWS Transit Gateway
AWS Usage
AWS VPN

Azure App Service
Azure Application Gateway

Azure Application Insights

Azure Application State Insights
Azure Billing
Azure Blob Storage
Azure Container Instance
Azure Container Registry
Azure Container Service
Azure Database Account

Azure Functions
Azure Monitor

Azure Platform

Azure Spring Cloud
Azure Storage Account
Azure VM
Azure VM Scale Sets

Bitbucket
Box

Cassandra
Ceph

Cisco Identity Services Engine (ISE)

Cisco Secure Email Gateway

collectd

Confluence Cloud
Confluence Data Center

Confluence Server

Containerd
Couchbase

CouchDB
Dropbox
Dropbox Paper
Dropwizard
Elastic APM Server
etcd
File Integrity Monitoring
Fluentd
GCP Metrics Input

GCP Vertex AI
Gmail
Go Expvar
Google Cloud Billing
Google Cloud Compute
Google Cloud Dataproc
Google Cloud DNS
Google Cloud Firestore
Google Cloud Functions
Google Cloud GKE
Google Cloud Load Balancing
Google Cloud Redis
Google Cloud Stackdriver
Google CloudSQL Metrics

Google Drive

Graphite

GraphQL
HTTP Check
IBM Websphere
ICMP Check
InfluxDB
Istio
Jaeger
JDBC
JIRA Data Center
JMS

JMX Jolokia
journald
Kubernetes
Kubernetes API Server
Kubernetes Controller Manager
Kubernetes Events
Kubernetes Metrics Service
Kubernetes Proxy
Kubernetes Scheduler

kvm
Linux
Memcached

Microsoft OneDrive

Microsoft Outlook
Mimecast

ModSecurity
MongoDB Atlas

MQTT

Munin
NATS Streaming

Netskope
Network Drive & File Systems
Network Packet Capture

Notion

OpenAI
OpenMetrics
OpenTracing

OpsGenie
Oracle
PHP
PHP FPM
Prometheus

Prometheus Input

QNAP NAS

Redis Enterprise

Rubrik
Salesforce
Salesforce Sandboxes

SharePoint Online

SharePoint Server

SQL
SQL Input

STAN Metrics
StatsD
TCP Check
Tenable Security Center

Universal Profiling

VMware Carbon Black Cloud

vSphere
X.509 SSL/TLS Certificate Check

Zscaler Internet Access
