How To Use Logrhythm For A Log On A Computer Or Network Device (For A Network) For A Network (For An Uniden Network) (For Log On Device) ( For Awn) (On A Network Or Network) Or

Transcription

1 Supported Products (Sample List) April, 2013

2 - Supported Products (Sample List) Supported Products (Sample List) LogRhythm is designed to support the collection, analysis, correlation, management and reporting of virtually any type of log source. Our list of supported log sources includes hundreds of commercially available devices, systems and applications as well as a myriad of custom devices and legacy applications. Below is a sample of the more common types of log sources for which LogRhythm provides full normalization. The total list of log sources that from which Logs can be collected and managed is much broader than the list below. If you are seeking support for a log source type not listed below, support may exist or can be developed to meet your needs. For any custom log source or device not currently supported for full normalization, LogRhythm can collect, archive and manage those logs out-of-the-box. Furthermore, LogRhythm provides customers with the capability to create full normalization within the application. Alternatively, LogRhythm professional services can develop support for you Com Switch A A10 Networks AX1000 Load Balancer Active Scout IPS Adtran Switch AirDefense Enterprise Airmagnet Wireless IDS AirTight IDS/IPS Airwave Management System Log AIX Host AIX Host Alcatel-Lucent Wireless Controller Apache Access Log Apache Access Log Apache Access Log Apache Error Log Apache Error Log Apache SSL Access Log Apache SSL Access Log Apache SSL Error Log Apache Tomcat Access Log Apache Tomcat Request Parameters Apache Tomcat Service Clients Log APC ATS APC NetBotz Environmental Monitoring APC PDU APC UPS Arista Switch Arris CMTS Aruba Mobility Controller AS/400 via Powertech Interact Astaro Gateway Avaya Voice Mail Log Aventail SSL/VPN Avocent Cyclades Terminal Axway SFTP Azul Java Appliance B Barracuda Load Balancer Barracuda Spam Firewall Barracuda Web Application Firewall Barracuda Webfilter Bind 9 Bit9 Parity Suite Bit9 Parity Suite CEF Black Diamond Switch BlackBerry Enterprise Blue Coat PacketShaper Blue Coat Proxy BCREPORTERMAIN Blue Coat Proxy BCREPORTERMAIN Blue Coat Proxy SQUID-1 Blue Coat Proxy Unsupported CSV Blue Coat Proxy Unsupported W3C Blue Coat ProxyAV ISA W3C Blue Coat ProxyAV MS Proxy 2.0 Blue Coat ProxySG Bomgar Bradford Remediation & Registration Svr Brocade Switch BSD BSD Host C CA ACF2 for z/os - ACFRPTDS CA ACF2 for z/os - ACFRPTEL CA ACF2 for z/os - ACFRPTJL CA ACF2 for z/os - ACFRPTLL CA ACF2 for z/os - ACFRPTNV CA ACF2 for z/os - ACFRPTOM CA ACF2 for z/os - ACFRPTPW CA ACF2 for z/os - ACFRPTRL CA ACF2 for z/os - ACFRPTRV CA ControlMinder Cell Relay Cerberus FTP Cerner Checkpoint IPS Checkpoint Site-to-Site VPN Cisco ACS Cisco Aironet WAP Cisco Application Control Engine Cisco ASA Cisco Clean Access (CCA) Appliance Cisco CSS Load Balancer Cisco FWSM Cisco Global Site Selector Cisco IDS/IPS Cisco Ironport Web W3C Cisco ISE Cisco LMS (cwcli) Cisco LMS (Syslog) PAGE LogRhythm Inc.

3 Cisco Nexus Switch Cisco NGFW Cisco PIX Cisco PIX Cisco Router Cisco Secure ACS 5 Cisco Secure ACS CSV File Cisco Agent Cisco Switch Cisco UCS Cisco Unified Comm Mgr (Call Mgr) Cisco VPN Concentrator Cisco WAAS Cisco Wireless Access Point Cisco Wireless Control System CiscoWorks Citrix Access Gateway IIS Citrix Access Gateway NCSA Common Citrix Access Gateway Citrix Access Gateway W3C Citrix Netscaler Citrix Presentation Citrix Xen ClamAV Anti-Virus CodeGreen Data Loss Prevention ColdFusion Application Log ColdFusion Exception Log ColdFusion Mail Log ColdFusion Mailsent Log ColdFusion Log Consentry NAC Corero IPS Cornerstone Managed File Transfer Coyote Point Equalizer CoyotePoint Equalizer Cyber-Ark D DB2 Audit Log DB2 via BMC Log Master Deepnet DualShield Defender Dell Force 10 Dell PowerConnect Switch Dell Remote Access Controller Dialogic Media Gateway DocWorks E Ecessa ShieldLink eeye Retina Vulnerability Scanner EMC VNX Enterasys Dragon IDS Enterasys Router Enterasys Switch Entrust IdentityGuard Epicor Coalition EqualLogic SAN esafe Event Reporter (Win 2000/XP/2003) ExtremeWare ExtremeXOS F F5 BIG-IP ASM F5 BigIP Traffic Manager F5 Firepass Firewall F5 LTM FairWarning Ready-For- Healthcare Fargo HDP Card Printer and Encoder Fidelis XPS Finacle Core Finacle Treasury Logs FireEye Web MPS FireEye Web MPS Forescout CounterACT NAC Fortinet FortiGate Fortinet FortiGate v4.0 Fortinet FortiGate v5.0 Foundry Switch G Gene6 FTP Gene6 FTP Generic ISC DHCP GlobalSCAPE EFT Guardium Database Activity Monitor H H3C Router Hitachi Universal Storage Platform HP Procurve Switch HP Router HP Unix Tru64 HP Virtual Connect Switch HP-UX Audit Log HP-UX Host HP-UX Host I IBM 4690 POS IBM Blade Center IBM Informix Application Log IBM Informix Audit Log IBM WebSphere App v7 Audit Log IBM WebSphere Cast Iron Cloud Integration IBM ZOS Batch Decryption Log IBM ZOS CICS Decryption Log IBM ZOS RACF Access Log IBM ZOS RACF SMF Type 80 IceWarp Imperva SecureSphere InfoBlox Ingrian Safenet iprism Proxy Log IPTables Irix Audit Logs IRIX Host IRIX Host Ironport Ironport Web aclog iseries via Powertech Interact ISS Proventia SiteProtector - IPS IT-CUBE AgileSI J JBoss Log File JetNexus Load Balancer J-Flow - Juniper J-Flow Version 5 J-Flow - Juniper J-Flow Version 9 Juniper DX Application Accelerator Juniper Firewall Juniper Host Checker Juniper IDP Juniper NSM Juniper Router Juniper SSL VPN Juniper SSL VPN WELF Juniper Steel Belted Radius Juniper Switch Juniper Trapeze K Kemp Load Balancer Kerio Mail KERISYS Doors Event Export L Lancope StealthWatch Layer 7 SecureSpan SOA Gateway Lieberman Enterprise Random Password Manager Linux Audit Linux Audit ASCII

4 Linux Audit Log Linux Host Linux Host LOGbinder SP LogRhythm Data Loss Defender LogRhythm Enterprise Monitoring Solution LogRhythm File Monitor (AIX) LogRhythm File Monitor (HP- UX) LogRhythm File Monitor (Linux) LogRhythm File Monitor (Solaris) LogRhythm File Monitor (Windows) Connection Monitor (AIX) Connection Monitor (HP- UX) Connection Monitor (Linux) Connection Monitor (Solaris) Connection Monitor (Windows) Monitor (AIX) (HP-UX) (Linux) (Solaris) (Windows) LogRhythm SQL 2000 C2 Audit Log LogRhythm SQL 2005 C2 Audit Log LogRhythm SQL 2008 C2 Audit Log LogRhythm Syslog Generator LogRhythm Syslog Generator Monitor (AIX) Monitor (HP-UX) Monitor (Linux) Monitor (Solaris) Monitor (Windows) Lotus Domino Client Log M MacOS X McAfee And Web McAfee epolicy Orchestrator Events McAfee epolicy Orchestrator epoevents McAfee epolicy Orchestrator epoevents McAfee Foundstone McAfee IntruShield Manager McAfee Network Access Control McAfee Secure Internet Gateway McAfee Secur Meridian Metasploit Penetration Scanner Microsoft ActiveSync 2010 Microsoft CRM Microsoft DHCP Log Microsoft Forefront TMG Microsoft IIS (IIS ) File Microsoft IIS Error Log V6 Microsoft IIS FTP IIS Log File Microsoft IIS FTP W3C Extended Microsoft IIS NCSA Common File Microsoft IIS SMTP W3C Microsoft IIS URL Scan Log Microsoft IIS W3C File Microsoft Port Reporter PR- PORTS Log Microsoft SQL 2000 Error Log Microsoft SQL 2005 Error Log Microsoft SQL 2008 Error Log Application Backup DFS Diagnosis-PLA Dir Service DNS Dot Defender Firewall With Advanced Forefront AV Group Policy Operational Hyper-V Hvisor Hyper-V IMS Hyper-V Network Hyper-V SynthSt Hyper-V VMMS Hyper-V Worker MSExchange Management Operations Manager Print Services Replication SafeWord 2008 Setup System Task Scheduler TS Licensing TS Local Session Manager TS Remote Connection Manager TS Session Broker TS Session Broker Client Microsoft Windows 2008 DNS Microsoft Windows Firewall Application BioPassword DFS Directory Service DNS

5 DotDefender File Rep Service HA Kaspersky Micros POS PatchLink SafeWord 2008 SCE SMS 2003 System Virtual Mirapoint Monetra Motorola Access Point Microsoft 2003 Event Log (Snare) Microsoft 2003 Event Log (Snare) Microsoft 2008 Event Log (Snare) Microsoft Exchange 2003 Microsoft Exchange 2003 Microsoft Exchange 2007 Microsoft Exchange 2007 Microsoft Exchange 2010 Microsoft Exchange 2010 Microsoft Exchange RPC Client Access Microsoft IAS/RAS NPS DB Log Microsoft IAS/RAS Standard Log Microsoft IIS Web Log W3C (Snare) Microsoft ISA 2006 ISA All Fields Microsoft ISA 2006 W3C All Fields Microsoft SQL Reporting Services 2008 MySQL MySQL error.log MySQL mysql.log MySQL mysql-slow.log N Nagios ncircle Configuration Compliance Manager Nessus System Log Nessus Vulnerability Scanner NetApp CIFS Audit Event Log NetApp Filer Netflow - Cisco Netflow Version 1 Netflow - Cisco Netflow Version 5 Netflow - Cisco Netflow Version 9 Netflow - Palo Alto Version 9 NetScreen Firewall NeXpose Vulnerability Scanner Nortel 8600 Switch Nortel BayStack Switch Nortel Contivity Nortel Firewall Nortel IP 1220 Nortel Passport Switch Novell Audit Novell GroupWise Novell LDAP NuSecure Gateway O ObserveIT Enterprise OpenLDAP OpenVMS OpenVPN OPSEC LEA - Checkpoint Firewall OPSEC LEA - Checkpoint Firewall Audit Log OPSEC LEA - Checkpoint Log Oracle 10g Audit Trail Oracle 10g Audit Trail Oracle 10g Audit Trail Oracle 11g Audit Trail Oracle 11g Audit Trail Oracle 11g Audit Trail Oracle 11g Fine Grained Audit Trail Oracle 9i Oracle 9i Audit Trail Oracle Listener Audit Trail Oracle SunOne Directory Oracle SunOne Web Access Log Oracle Virtual Directory OSSEC Alerts Other Other Outpost24 P Palo Alto Firewall Polycom Postfix Postfix Princeton Card Secure ProFTPD Proofpoint Spam Firewall Protegrity Defiance DPS PureMessage For Exchange SMTP Log PureMessage For UNIX Blocklist Log PureMessage For UNIX Message Log Q Qualys Vulnerability Scanner Quest Defender R RACF (SMF) Radmin Radware Alteon Load Balancer Radware DefensePro Radware Web Director Audit Log Raritan KVM Raz-Lee Riverbed RL Patient Feedback RSA ACE RSA Adaptive Authentication RSA Authentication Manager 6.1 RSA Authentication Manager v7.1 RuggedRouter S SecureTrack SEL 3530 RTAC SEL 3610 Port Switch SEL 3620 Ethernet Gateway Sendmail File sflow - Version 5 SharePoint 2007 AuditData SharePoint 2010 EventData Sharepoint ULS ShoreTel VOIP

6 Sidewinder Firewall Siemens Invision Siemens Radiology Information System SnapGear Firewall SNMP Trap - Audiolog SNMP Trap - Cyber-Ark SNMP Trap - Dell OpenManage SNMP Trap - HP Network Node Manager SNMP Trap - IBM TS3000 Series Tape Drive SNMP Trap - RSA Authentication Manager SNMP Trap - Swift Alliance SNMP Trap - Trend Micro Control Manager Snort Fast Alert File Snort IDS Solaris - Sulog Solaris (Snare) Solaris Audit Log Solaris Host Solaris Host SonicWALL SonicWALL SSL-VPN Sophos Anti-Virus Sophos Encryption Appliance Sophos Web Proxy Sourcefire estreamer Sourcefire IDS 3D Sourcefire RNA SpamAssassin Squid Proxy Squid Proxy StoneGate Firewall Sudo.Log Swift Alliance Sygate Firewall Symantec Antivirus 10.x Corporate Edtn Symantec DLP Symantec Endpoint Symantec PGP Gateway Symbol Wireless Access Point Symmetry Access Control T Tandem EMSOUT Log File Tandem XYGATE Tipping Point IPS Tipping Point SSL Reverse Proxy Top Layer IPS Townsend Alliance LogAgent Trade Innovations CSCS Trend Micro Deep Trend Micro IMSS Trend Micro IWSVA Trend Micro Office Scan Tripwire Tumbleweed Mailgate Tumbleweed Mailgate U Untangle V Verint Audit Trail File VMWare ESX VMWare vcenter VMWare Virtual Machine Voltage Secur Vormetric CoreGuard Vormetric Log File vsftp Daemon Log W Watchguard FireBox WebDefend WebSense WebSense DLP WebSense Web WS2000 Wireless Access Point Wurldtech SmartFirewall X Xirrus Wireless Array XPient POS CCA Manager XPIENT POS POSLOG XPIENT POS Shell Log Z Zimbra System Log ZXT Load Balancer