McAfee SIEM Supported Devices

Transcription

1 Last Updated 11/10/15 A10 Networks Load Balancer Load Balancer All ASP Syslog AX Series Accellion Secure File Transfer Application All ASP Syslog Access Layers Portnox NAC 2.x ASP Syslog Adtran Bluesocket Wireless Access Point All ASP Syslog and greater NetVanta Network Switches & All ASP Syslog AirTight Networks SpectraGuard Application All ASP Syslog NGN Switch Switch All ASP Syslog 9.2 and greater Alcatel-Lucent VitalQIP Devices / Web All ASP Syslog Amazon CloudTrail Generic N/A ASP API and greater American Power Conversion Apache Software Foundation Apple Inc. Uninterruptible Power Supply Power Supplies All ASP Syslog Apache HTTP Server Apache Web Server Mac OS X / Web / Web / Web 1.x, 2.x Code Based Syslog 9.1 to x, 2.x ASP Syslog All ASP Syslog Peakflow SP Network Switches & 2.x and greater ASP Syslog 9.2 and greater Arbor Networks Peakflow X Network Switches & 2.x Code Based Syslog 9.1 to Peakflow X Network Switches & All ASP Syslog Pravail IDS / IPS All ASP Syslog ArcSight Common Event Event All ASP Syslog 9.2 and greater Aruba Aruba OS Wireless Access Point N/A Code Based Syslog ClearPass Wireless Access Point 5.x ASP Syslog Avecto Privilege Guard (epo) IAM / IDM 3.x ASP epo - SQL 9.2 and greater Axway Barracuda Networks BeyondTrust Bit9 Blue Coat SecureTransport / Web All ASP Syslog Spam Firewall Security Appliances / UTMs 3.x, 4.x ASP Syslog Web Application Firewall Security Appliances / UTMs All ASP Syslog Web Filter Security Appliances / UTMs All ASP Syslog BeyondTrust REM Vulnerability All N/A N/A BeyondTrust Retina Vulnerability All N/A N/A Bit9 Security Platform / Parity Suite - CEF Application All ASP Syslog 9.2 and greater Bit9 Security Platform / Parity Suite Application All ASP Syslog Carbon Black IDS / IPS All ASP Syslog 9.2 and greater Director Web All ASP Syslog 9.2 and greater ProxySG Web 4.x-6.x ASP Syslog Access Log Blue Lance, Inc. LT Auditor+ for Novell NetWare Application 9.x Code Based SQL 9.1 to Blue Ridge Networks BorderGuard Firewall 5000, 6000 ASP Syslog BlueCat Networks BlueCat DNS/DHCP Server Application All ASP Syslog Bradford Networks Campus Manager All ASP Syslog Bro Network Security Monitor Bro Network Security Monitor Network Security All ASP Syslog 9.4 and greater BigIron, FastIron and NetIron Network Switches & 7.5 and greater ASP Syslog Brocade IronView Network Manager All ASP Syslog VDX Switch Network Switches & All ASP Syslog 9.2 and greater CA Technologies DataMinder - CEF DLP All ASP Syslog CEF SiteMinder Web Access All ASP Syslog Cerner Cerner P2 Sentinel Healthcare Auditing All Code Based Check Point Check Point Firewall All ASP OPSEC 9.3 and greater Firewall 1, Edge, Enterprise, Express, NG, NGX, SmartEvent and VPN Check Point via Splunk Firewall All ASP Syslog 9.2 and greater Using Splunk app

2 Cimcor CimTrak Management Console Configuration Management All Code Based ASA NSEL Firewall / Flow All Netflow Netflow CATOS v7xxx / Network Switches & 6.x, 7.x ASP Syslog Content Services Switches Other All ASP Syslog CSA Console / IDS / IPS 5.x, 6.x Code Based SQL Guard DDoS Mitigator IDS / IPS All ASP Syslog Identity Services Engine Other All ASP Syslog IDS (4.x+ RDEP protocol) IDS / IPS 4.x and greater SDEE IOS 12.x and greater ASP Syslog Cisco Citrix IOS ACL Network Switches & 12.x and greater IOS EAP 12.x and greater IOS Firewall Firewall / Network Switches & 12.x and greater IOS IDS 12.x and greater IOS IPS (SDEE protocol) Application Protocol All SDEE HTTP IronPort Security Security 6.x, 7.x ASP Syslog IronPort Web Security Appliance Web 6.x, 7.x ASP Syslog Meraki Wireless All ASP Syslog and greater MDS Network Switches & All ASP Syslog NAC Appliance NAC Appliance (Clean Access) NX-OS All ASP Syslog 4.x Code Based HTTP 9.1 to x, 5.x ASP Syslog Open TACACS+ Authentication All ASP Syslog PIX IDS 12.x and greater PIX/ASA/FWSM Firewall / IDS / IPS 5.x and greater ASP Syslog Secure ACS IDS / IPS 3.x, 4.x ASP Syslog Unified Communications Applications All ASP Syslog 9.2 and greater Unified Computing System / Web All ASP Syslog VSM/VPN Concentrator Virtual Private Network 2.x - 4.x Code Based Syslog 9.1 to WAAS / Web All ASP Syslog WAP200 Wireless Access Point All ASP Syslog Wireless Control System Network Switches & All ASP Syslog Wireless Lan Controller Network Switches & All ASP Syslog NetScaler (AppFlow) Flow All IPFix IPFix 9.2 and greater NetScaler Web All ASP Syslog Secure Gateway Web All ASP Syslog 9.2 and greater ACL, IOS FW, IOS IDS and DSP Use Cisco IOS data source Use Cisco IOS data source Use Cisco IOS data source Use Cisco IOS data source Formerly Clean Access Use Cisco PIX/ASA/FWSM data source Secure Gateway & NetScaler Web also supported Cluster Labs Pacemaker Application 1.x ASP Syslog Code Green Data Loss Prevention DLP 8.x ASP Syslog Cooper Power Cybectec RTU Network Switches & 5.x, 6.x ASP Syslog Yukon IED Manager Suite Application All ASP Syslog Corero Corero IPS IDS / IPS All ASP Syslog Critical Watch Critical Watch FusionVM Vulnerability All N/A N/A Enterprise Password Vault Application 5.x ASP Syslog CyberArk Privileged Identity Management Suite - Application CEF All ASP Syslog CyberGuard CyberGuard Firewall 5.x Code Based Syslog 9.1 to Includes FS, SG, SL Cyberoam Cyberoam UTM and NGFW UTM / Firewall 10.0 and greater ASP Syslog 9.2 and greater Cyrus Cyrus IMAP & SASL Messaging 2.x ASP Syslog D-Link NetDefend UTM Firewall UTM All ASP Syslog 9.2 and greater Damballa Failsafe Anti-Malware All ASP Syslog and greater SonicWALL Aventail Virtual Private Network 10.x ASP Syslog Dell SonicWALL SonicOS Firewall All ASP Syslog PowerConnect Switches Network Switches & All ASP Syslog DenyAll rweb Firewall / DoS rweb 4.1, , ASP Syslog and greater

3 DG Technology - InfoSec Mainframe Event Acquisition System MainFrame 5.x, 6.x ASP Syslog Digital Defense Digital Defense Frontline Vulnerability All N/A N/A and greater Econet Sentinel IPS IDS / IPS All ASP Syslog 9.2 and greater EdgeWave iprism Web Security Web All ASP Syslog Enforcive System z SMF DB2 MainFrame All ASP Syslog Dragon IPS IDS / IPS 1.x-7.x ASP Syslog 9.4 and greater Dragon Sensor IDS / IPS 1.x-7.x Code Based SQL 9.1 to Enterasys Networks Dragon Squire IDS / IPS 1.x-7.x Code Based SQL 9.1 to Enterasys N and S Switches Network Switches & 7.x ASP Syslog Enterasys Network Access Control Network Switches & 7.x ASP Syslog Entrust IdentityGuard Application All ASP Syslog Epic Clarity - SQL Pull Healthcare Application 2010, 2012, 2014 ASP SQL and greater Extreme Networks ExtremeWare XOS Network Switches & 7.x, 8.x ASP Syslog F5 Networks BIG-IP Access Policy Manager Network Switches & All ASP Syslog BIG-IP Application Security Manager - Web All ASP Syslog 9.2 and greater CEF Firepass SSL VPN Virtual Private Network All ASP Syslog Local Traffic Manager - LTM Web All ASP Syslog DG Technology MEAS agent, DB2/IMS/Datacom/ID MS, CICS, FTP, MasterConsole, RACF/Top Secret/ACF2, Telnet, VSAM/BDAM/PDS, TCP/IP, SMP/E, Authorized Load Libraries, RMF Performance Data, Batch Job and Started, Tasks Start/Stop, Top Secret, Type 80 Formerly Bsafe, AS/400, DB2/IMS/Datacom/ID MS, FTP, RACF/Top Secret/ACF2, Telnet, VSAM/BDAM/PDS Auditing specific events Alpine, BlackDiamond and Summit FairWarning Patient Privacy Monitoring Application Security 2.9.x Code Based Fidelis Fidelis XPS Network Security Applicance All ASP Syslog FireEye FireEye Malware Protection System - CEF Antivirus/Malware 5.x and greater ASP Syslog Fluke Networks AirMagnet Enterprise Network Switches & 8.x ASP Syslog Force10 Networks FTOS Network Switches & All ASP Syslog ForeScout CounterACT Network Switches & 5.x and 6.x ASP Syslog CounterACT CEF Network Switches & 7.x and greater ASP Syslog FortiAuthenticator Authentication 3.x ASP Syslog 9.2 and greater FortiGate Antivirus Antivirus All Code Based Syslog 9.1 to FortiGate Firewall Firewall 3.x Code Based Syslog 9.1 to FortiGate IDS IDS / IPS All Code Based Syslog 9.1 to Fortinet FortiGate UTM - Comma Delimited - Firewall All ASP Syslog FortiGate UTM - Space Delimited - Firewall All ASP Syslog FortiMail FortiManager Firewall All ASP Syslog FortiWeb Web Application Firewall Firewall All ASP Syslog FreeRADIUS FreeRADIUS Authentication All ASP Syslog Fujitsu IPCOM Firewall / IDS / IPS All ASP Syslog 9.4 and greater Advanced Syslog Other All ASP Syslog CIFS/SMB File Source Other N/A Code Based File pull 9.2 and greater ELM only FTP/FTPS File Source Other N/A Code Based File pull 9.2 and greater ELM only HTTP/HTTPS File Source Other N/A Code Based File pull 9.2 and greater ELM only Generic Other N/A Code Based 9.2 and greater NFS File Source Other N/A Code Based File pull 9.2 and greater ELM only SCP File Source Other N/A Code Based File pull 9.2 and greater ELM only SFTP File Source Other N/A Code Based File pull 9.2 and greater ELM only GFI GFI LanGuard VA Scanner All Code Based File pull Gigamon GigaVUE Switches & All ASP Syslog and greater Global Technology Associates GNAT Box Firewall 5.3.x ASP Syslog Good Technology Good Mobile Control Application All ASP Syslog 9.2 and greater Google Search Appliance Application All ASP Syslog 9.2 and greater

4 HBGary Active Defense UTM All ASP Syslog 3Com Switches Switches & All ASP Syslog LaserJet Printers Printers All ASP Syslog OpenVMS 1.x ASP Syslog Hewlett-Packard ProCurve Network Switches & All ASP Syslog Vertica Database Virtual Connect Applicaton Devices 4.4x ASP Syslog and greater Hitachi ID Identity and Access Management Suite Authentication ASP Syslog 9.2 and greater HyTrust HyTrust CloudControl NAC 3.x, 4.x ASP Syslog 9.2 and greater DB2 Database 8.x, 9.x, 10.x Guardium Database ing 6.x, 7.x ASP Syslog 9.2 and greater Informix Database 11.5 ISS Real Secure Server Sensor x Code Based SQL 9.1 to ISS SiteProtector Security Management All Code Based SQL Use DG Technoloty MainFrame MainFrame All MEAS IBM Proventia GX Other All ASP Syslog System Z DB2 Database All Use DG Technoloty MEAS Tivoli Endpoint Manager - BigFix / Other All ASP Syslog Linux Required Tivoli Identity Manager - SQL Pull IAM / IDM All ASP SQL 9.2 and greater WebSphere Application Server Application 7.0 and greater ASP File pull and greater WebSphere DataPower SOA Appliances Application 4.x ASP Syslog and greater z/os, z/vm MainFrame Use DG Technoloty MEAS Imperva WAF/DAM - CEF Database All ASP Syslog 9.2 and greater Infoblox NIOS Application All ASP Syslog InfoExpress CyberGatekeeper LAN Network Switches & All Code Based Syslog 9.1 to Snare for AIX Other All ASP Syslog InterSect Alliance Snare for Solaris Other All ASP Syslog Snare for Windows Other All ASP Syslog Inter Inter Cache Database x Invincea Enterprise - CEF / Other All ASP Syslog IPFIX IPFIX Network Flow All IPFix IPFix Ipswitch WS_FTP Application All ASP Syslog iscan Online iscan Online Vulnerability All N/A N/A 9.4 and greater Itron Itron Enterprise Edition Smart Grid Application All ASP Syslog Jflow Jflow (Generic) Network Flow 5, 7, 9 Netflow Juniper Secure Access/MAG VPN All ASP Syslog JUNOS - Structured-Data Network Switches & All ASP Syslog JUNOS Router Network Switches & All ASP Syslog NetScreen / IDP Network Switches & All ASP Syslog Juniper Networks NetScreen Firewall Firewall 4.x, 5.x, 6.x Code Based Syslog 9.1 to NetScreen IDP IDS / IPS 3.x, 4.x Code Based Syslog 9.1 to NetScreen SSL VPN Secure Access VPN 5.x - 7.x Code Based Syslog 9.1 to Network and Security Manager - NSM All ASP Syslog Secure Access version 7 VPN 5.x-7.x ASP Syslog Steel Belted Radius Radius Server 5.x and greater ASP Syslog Kaspersky Administration Kit - SQL Pull Antivirus All ASP SQL and greater KEMP Technologies LoadMaster Network Switches & 4.x, 5.x ASP Syslog Kerio Technologies Kerio Control Firewall All ASP Syslog and greater Lancope StealthWatch 4.x-5.6 Code Based Syslog 9.1 to StealthWatch 6.x and greater ASP Syslog LANDESK LANDESK Vulnerability All N/A N/A 9.4 and greater Legacy Event Center Other All ASP Syslog Informant IDS / IPS All ASP Syslog 9.3 and greater Lieberman Enterprise Random Password Manager Application All ASP Syslog and greater XML Locum RealTime Monitor Application All ASP Syslog

5 LOGbinder LOGbinder Application All ASP Syslog 9.2 and greater Device Control - Endpoint Manager Security Suite (L.E.M.S.S.) DLP 8 ASP Syslog and greater Lumension Bouncer - CEF Application 5.x and greater ASP Syslog 9.2 and greater Bouncer Application 4.x ASP Syslog Lumension Vulnerability All N/A N/A MailGate, Ltd. MailGate Server Management / Host / Server / 3.5 ASP Syslog Advanced Threat Defense Anti-Malware x and greater ASP Syslog / DXL and greater AntiSpyware (epo) Antivirus All ASP epo - SQL 9.2 and greater Application and Change Control (epo) Web All ASP epo - SQL 9.2 and greater Asset Manager Sensor Asset Management All ASP Syslog and greater Correlation Engine Other All Correlation Database Security - CEF Database All ASP Syslog 9.2 and greater Database Security (epo) Database All ASP epo - SQL 9.2 and greater Deep Defender (epo) Other All ASP epo - SQL 9.2 and greater Gateway - CEF Web 6.x and greater ASP Syslog 9.2 and greater EWS v5 / Gateway Original - Legacy - Web 5.x ASP Syslog IronMail - Legacy- Web All ASP Syslog Endpoint Encryption (epo) Application All ASP epo - SQL and greater Endpoint Protection for Mac Antivirus 2.0 and greater ASP Syslog and greater McAfee epo Audit Log (epo) Other All ASP epo - SQL 9.2 and greater epolicy Orchestrator Other All ASP epo - SQL 9.2 and greater epolicy Orchestrator (epo) Management / Host / Server / 3.x and greater ASP epo - SQL 9.2 and greater Firewall Enterprise Firewall / IDS / IPS 8.x ASP Syslog 9.2 and greater Host Data Loss Prevention (epo) DLP All ASP epo - SQL 9.2 and greater Host Intrusion Prevention (epo) IDS / IPS 6.x and greater ASP epo - SQL 9.2 and greater Informant IDS / IPS All ASP Syslog 9.3 and greater McAfee Advanced Correlation Engine Correlation All McAfee Application Data Monitor Application All Code Based Event Monitor for SIEM Database All Code Based McAfee Enterprise Log Manager McAfee Enterprise Security Manager Receiver Receiver/ELM McAfee Security for Domino Windows Web (epo) All ASP epo - SQL 9.2 and greater McAfee Security for Microsoft Exchange (epo) Web All ASP epo - SQL 9.2 and greater McAfee Vulnerability Manager Vulnerability All N/A N/A and greater MOVE AntiVirus (epo) Antivirus All ASP epo - SQL and greater Network Access Control (epo) Other All ASP epo - SQL 9.2 and greater Network DLP Monitor DLP All ASP Syslog Network Security Manager - SQL Pull IDS / IPS 6.x and greater ASP SQL and greater Formerly IntruShield Network Security Manager IDS / IPS 6.x and greater ASP Syslog Formerly IntruShield Network Threat Response IDS / IPS , 4.1 ASP Code Based API , 9.4.1and greater Next Generation Firewall - Stonesoft IDS / IPS All ASP Syslog Nitro IPS IDS / IPS All ASP Syslog One Time Password Server Authentication 3.1 ASP Syslog 9.2 and greater Policy Auditor (epo) Policy Server All ASP epo - SQL 9.2 and greater SaaS Protection Security All ASP File Pull and greater SaaS Web Protection Web All ASP Syslog SiteAdvisor (epo) Other All ASP epo - SQL 9.2 and greater Threat Intelligence Exchange Reputation Server ASP epo - DXL and greater UTM Firewall Firewall All ASP Syslog VirusScan (epo) Antivirus All ASP epo - SQL 9.2 and greater Web Gateway Web All ASP Syslog WebShield Web All ASP Syslog NTR is supported on ESM 9.3.x NTR 4.1 is supported on ESM and greater. Supports csv formatted reports

6 MEDITECH Caretaker HealthCare Application All ASP Syslog Microsoft Mirage Networks Motorola NetApp ACS - SQL Pull All ASP SQL and greater Adiscon Windows Events All Code Based Syslog Assets via Active Directory Asset All Event Forwarding MEF - McAfee 2008 WMI SIEM Exchange Message Tracking 2007, 2010, 2013 ASP Logs Forefront Client Security HIPS 2010 ASP SQL and greater Forefront Endpoint Protection - SQL Pull Forefront Threat Management Gateway / Internet Security and Acceleration - W3C Forefront Threat Management Gateway - SQL Pull Forefront Unified Access Gateway Internet Authentication Service - ted Internet Authentication Service - XML Internet Information Services Internet Information Services - FTP Internet Information Services - SMTP Internet Information Services HIPS 2010, 2012 ASP SQL Firewall / Host / Server / / Web / Virtual Private Networks All ASP File pull IDS / IPS 2010 ASP SQL 9.3 and greater IDS / IPS 2010 ASP Syslog and greater Web Content/Filtering/Proxies 2003, 2008 ASP Syslog Web Content/Filtering/Proxies 2003, 2008 ASP Syslog / Web Content / Filtering / Proxies / Web Content / Filtering / Proxies / Web Content / Filtering / Proxies / Web Content / Filtering / Proxies All Code Based Syslog 9.1 to All All All ASP ASP ASP 9.2 and greater Microsoft Active Directory Other All WMI WMI Microsoft Exchange Server Other 2007, 2010 WMI WMI Microsoft SQL Server Database All WMI WMI MSSQL Database 7, 2000, 2005, 2008, 2012 MSSQL Error Log Database All ASP Syslog 9.2 and greater MSSQL Server C2 Audit Database 2000, 2005, 2008 Code Based MEF - McAfee SIEM Network Policy Server Policy Server All ASP Syslog Operations Manager All Code Based SQL 9.1 to PhoneFactor Application All ASP Syslog SharePoint Host / Server / File Management 2007, 2010 ASP Syslog System Center Operations Manager Security Management 2007 Code Based Windows DHCP Debug DHCP Logs 2003, 2008 ASP Windows DNS Debug DNS Logs 2003, 2008 ASP Windows Event Log - CEF Windows Event Log - WMI MEF - McAfee SIEM All ASP Syslog 9.2 and greater XP, Server 2003, Server 2008, Server 2012, Windows 7 and Windows 8 WMI WMI CounterPoint Code Based Syslog 9.1 to AirDefense Wireless Switch All ASP Syslog AirDefense Enterprise Wireless Switch All Code Based Syslog 9.1 to Data ONTAP Storage 7.x ASP Syslog DataFort Storage Switch All ASP Syslog FAS Storage All NetFlow Generic NetFlow Flow 5, 7, 9 NetFlow NetFlow Windows 8 is supported in ESM version and greater Use NetApp Data OnTap data source

7 NetFort Technologies NetIQ LANGuardian Security Manager Sentinel Log Manager Management / Host / Server / Network Switches & / Security Management Network Switches & / Security Management All ASP Syslog 5.1 ASP Syslog All ASP Syslog NetWitness Informer - CEF Application All ASP Syslog Spectrum - CEF Malware All ASP Syslog 9.2 and greater URL Integration NGS NGS SQuirreL Vulnerability All N/A N/A Niksun NetDetector Other All ASP Syslog Nokia IPSO Firewall All Code Based Syslog 9.1 to Contivity VPN Network Switches & 7.x Code Based Syslog 9.1 to Nortel Networks Contivity VPN Network Switches & 7.x ASP Syslog 9.4 and greater Passport 8000 Series Switches Network Switches & 7.x ASP Syslog VPN Gateway 3050 Virtual Private Network 8.x ASP Syslog edirectory Management / Host / Server / All ASP Syslog 9.2 and greater Novell Identity and Access Management - IAM IAM / IDM All ASP Syslog npulse CPX Flow & Packet Capture Packet Capture All N/A N/A URL Integration OpenVAS OpenVAS Vulnerability All N/A N/A OpenVPN OpenVPN VPN 2.1 and greater ASP Syslog Directory Server Enterprise Edition Authentication 11 ASP Syslog and greater Also covers: Sun ONE Server and Sun Java Directory Server Enterprise Edition Identity Manager - SQL Pull IAM / IDM ASP SQL and greater Oracle Internet Directory Authentication 11 ASP MySQL Oracle Database Database (32 bit, Windows) 4.x, 5.x, 6.x 8.x, 9.x, 10g, 11g, 11g R and greater Oracle Audit - SQL Pull Database 10g, 11g ASP SQL and greater Support grain and fine grain logs Osiris Oracle Audit Database All ASP Syslog and greater Audit Vault and Database Firewall Database / Firewall 12.x ASP Syslog and greater Real Application Clusters - RAC Database 11g ASP File Pull and greater Solaris Basic Security Module - BSM 9.x, 10.x ASP Syslog WebLogic Other 8.1.x ASP Syslog Host Integrity Monitor / IDS / IPS ASP Syslog Palo Alto Networks Palo Alto Firewalls Firewall All ASP Syslog Pivotal Greenplum Database Postfix Postfix Application All ASP Syslog PostgreSQL PostgreSQL Database 7.4.x, 8.4.x, 9.0.x, 9.1.x PostgreSQL Database All ASP Syslog PowerTech Interact - CEF Host All ASP Syslog 9.2 and greater Proofpoint Messaging Security Gateway Application All ASP Syslog Qualys Qualys QualysGuard Vulnerability All N/A N/A Quest ChangeAuditor for Active Directory Applications All WMI WMI AppDirector Network Switches & All ASP Syslog AppWall Firewall All ASP Syslog 9.2 and greater Parses the Event Manager Log (evmd.log) ISAKMP, RADIUS, SECURITY, Accounting, RIP, VR messages only Radware DefensePro IDS / IPS and greater Code Based Syslog 9.1 to DefensePro IDS / IPS and greater ASP Syslog LinkProof/FireProof Network Switches & All ASP Syslog Rapid7 Rapid7 Metasploit Pro Vulnerability 3.x and greater N/A N/A Rapid7 Nexpose Vulnerability All N/A N/A Raytheon SureView Application All ASP Syslog Raz-Lee Security isecurity Suite Application All ASP Syslog 9.2 and greater Red Hat JBoss / WildFly v8 Application Server Jboss 7.x WildFly v8.x ASP Syslog and greater RedSeal Networks RedSeal 6 Risk Complianace All ASP Syslog RioRey DDoS Protection Firewall / DoS RIOS 5.0, 5.1, 5.2 ASP Syslog and greater Riverbed Steelhead Security Appliances / UTMs 5.x ASP Syslog

8 RSA Authentication Manager Authentication 7.x ASP Syslog SafeNet Hardware Security Modules Application Security All ASP Syslog Saint Saint Vulnerability All N/A N/A SAP SAP Version 5 Management / Host / Server / 5.x and 6.x ABAP Module & ASP Syslog Sybase Database 11.x, 12.x, 15.x Savant Protection Savant - CEF Anti-Malware 3.x ASP Syslog 9.2 and greater Secure Crossing Zenwall Management / Host / Server / All ASP Syslog SecureAuth IEP - Single Sign On Authentication 5.x ASP Syslog Securonix Risk and Threat Intelligence Application Code Based SendMail Sentrion Messaging All Sentrigo Hedgehog - CEF Database All ASP Syslog 9.2 and greater sflow Generic sflow Network Flow All sflow sflow Silver Spring Networks Network Infrastructure Smart Grid All ASP Skycure Skycure Enterprise Mobile Security All ASP Syslog and greater SnapLogic SnapLogic Cloud Integration All ASP Syslog 9.2 and greater DB2 Access Recording Services Software Product Research DBARS Database All ASP Syslog SonicWALL SonicWall Firewall/VPN Firewall All Code Based Syslog 9.1 to SonicWall IPS IDS / IPS All Code Based Syslog 9.1 to Sonus GSX VOIP All ASP Syslog Security and Data Protection Security All ASP Syslog Sophos Sophos Antivirus Antivirus All Code Based SQL UTM & Next-Gen Firewall UTM / Firewall 9.1 ASP Syslog and greater SourceFire Squid Web Security and Control Web All ASP Syslog Use Unix - Linux data source 3D Defense Center IDS / IPS 4.10 Use FireSIGHT Management Console - estreamer Snort NIDS IDS / IPS All Use SourceFire NS/RNA data source FireSIGHT Management Console - estreamer IDS / IPS 5.x.x Code Based estreamer and greater SourceFire NS/RNA IDS / IPS All ASP Syslog Includes Snort IDS Squid Web 1.x Code Based Syslog 9.1 to Squid Web 2.5 ASP Syslog STEALTHbits StealthINTERCEPT HIDS ASP Syslog 9.4 and greater StillSecure Strata Guard Firewall / Security Management / IDS / IPS / Virtual Private Networks Stonesoft Corporation Next Generation Firewall IDS / IPS All 5.x, 6.x ASP Syslog Sun iplanet Web Server All Code Based Syslog 9.1 to Altiris Management Console Asset 7.x and greater 9.2 and greater Antivirus Corporate Edition Server Antivirus 8.x, 9.x Code Based SQL Critical System Protection IDS / IPS 5.2 Code Based SQL 9.1 to Critical System Protection IDS / IPS 5.2 ASP SQL 9.4 and greater Endpoint Protection Antivirus 11.x Code Based Syslog 9.1 to Endpoint Protection Antivirus 11.x, 12.x ASP Syslog Symantec PGP Universal Server All ASP Syslog Symantec Data Loss Prevention DLP All ASP Syslog Symantec Messaging Gateway Messaging 2.x and greater ASP Syslog Symantec Web Gateway Web All ASP Syslog Synology DiskStation Manager Application All ASP Syslog 9.2 and greater Tenable Tenable Nessus Vulnerability 3.x, 4.x, 5.x, 6.x N/A N/A Teradata Teradata Database 12.x, 13.x, 14.x Thycotic Secret Server Authentication 8 ASP Syslog 9.2 and greater SMS Security Management 2.x and greater ASP Syslog TippingPoint TippingPoint Security Management 1.x, 2.x Code Based Syslog 9.1 to UnityOne IDS / IPS All ASP Syslog TITUS Message Classification Application All WMI WMI and greater Tofino Security Tofino Firewall LSM Firewall All ASP Syslog Topia Technology Skoot Application All ASP Syslog 9.2 and greater Townsend Security AS/400 - CEF All ASP Syslog 9.2 and greater Use McAfee Next Generation Firewall - Stonesoft Microsoft Windows Event Log

9 Trapezoid Trust Control Suite Application All ASP Syslog 9.2 and greater Control Manager Antivirus / Vulnerability 3.x, 5.x, 6.x Code Based SQL 9.1 to Control Manager - SQL Pull Antivirus / Vulnerability 5.x ASP SQL and greater Trend Micro Deep Discovery - CEF Antivirus / Vulnerability All ASP Syslog 9.2 and greater Deep Security - CEF HIDS 6.x and greater ASP Syslog Deep Security Manager - CEF HIDS 6.x and greater ASP Syslog InterScan Web Security Suite Web All ASP Syslog Tripwire Trustwave OfficeScan Antivirus / Vulnerability All ASP Syslog 9.2 and greater OSSEC FIM / HIDS 1.x, 2.x ASP Syslog Tripwire / ncircle IP360 Vulnerability All N/A N/A Tripwire Enterprise Database / Security Management 4.x ASP Syslog Tripwire For Server Database / Security Management 4.x Code Based Syslog 9.1 to Tripwire For Server Database / Security Management 4.x ASP Syslog 9.4 and greater Data Loss Prevention DLP 8.x ASP Syslog 9.2 and greater Network Access Control NAC 3.x ASP Syslog WebDefend Web 4.x ASP Syslog Tufin SecureTrack Firewall / Auditing All ASP Syslog 9.2 and greater SMA_RT All Code Based Syslog 9.1 to Type80 Security Software SMA_RT All ASP Syslog 9.4 and greater Linux All ASP Syslog Solaris, Red Hat UNIX Linux, HP-UX, UNIX OS Code Based Syslog 9.1 to IBM AIX and SUSE VanDyke Software VShell Application 2.x, 3.x ASP Syslog Vericept Content 360 DLP 8.x ASP Syslog 9.2 and greater Verdasys Digital Guardian DLP All ASP Syslog 9.2 and greater VMware vcenter Server Application All ASP Code Based API and greater VMware Application 1.x-5.x ASP Syslog Voltage Security SecureData Enterprise DLP 5.7 ASP Syslog and greater Vormetric Data Security Application 4.x ASP Syslog WatchGuard Technologies Firebox and X Series Firewall 8.x-11.x ASP Syslog Wave Corp Safend Protector DLP All ASP Syslog 9.2 and greater Cloud Web Security HIDS All ASP and greater Websense Websense - CEF, Key Value Pair Web 7.7 and greater ASP Syslog 9.2 and greater Websense Enterprise - SQL Pull Web 6.x, 7.x ASP SQL and greater Xirrus abgn Wi-Fi Arrays Switches & All ASP Syslog Zenprise Secure Mobile Gateway Security Mobile Gateway 5.x and greater ASP Syslog ZeroFOX ZeroFOX Application All ASP Syslog 9.2 and greater Zscaler Nanolog Streaming Service (NSS) Web All ASP Syslog and greater Trustwave DLP