Sekoia.io Intakes
- 1Password EPM
- AWS CloudTrail
- AWS CloudTrail
- Amazon CloudFront Logs
- Amazon GuardDuty
- Amazon VPC Flow Logs
- Amazon WAF
- Apache HTTP Server
- ArubaOS Switch
- Azure Application Gateway
- Azure Files
- Azure Front Door
- Azure Key Vault
- Azure MySQL
- Azure Network Watcher (NSG flow logs)
- Azure Windows
- BIND
- Bitdefender GravityZone
- Bitsight SPM
- Broadcom Cloud Secure Web Gateway
- Broadcom Edge Secure Web Gateway
- CEF
- Cato SASE
- Check Point
- Check Point Harmony Mobile
- Cisco Duo Security
- Cisco Email Security Appliance
- Cisco IOS
- Cisco Identity Services Engine (ISE)
- Cisco Meraki MX
- Cisco NX-OS
- Cisco Secure Firewall
- Cisco Web Security Appliance
- Citrix NetScaler / ADC
- Claroty xDome
- Clavister Next-Gen Firewall
- Cloudflare Access Request
- Cloudflare Audit Logs
- Cloudflare DNS Gateway
- Cloudflare DNS logs
- Cloudflare Firewall Events
- Cloudflare Gateway HTTP
- Cloudflare Gateway Network
- Cloudflare HTTP requests
- CrowdStrike Falcon
- CrowdStrike Falcon Telemetry
- Cybereason MalOp
- Cybereason MalOp activity
- Cyberwatch Detection
- Darktrace Threat Visualizer
- Daspren Parad
- Datadome Protection
- Digital Shadows SearchLight
- ESET Protect / Inspect
- EfficientIP SOLIDServer DDI
- Ekinops OneOS
- ExtraHop Reveal(x) 360
- F5 BIG-IP
- Fastly Next-Gen WAF
- Fastly WAF Audit logs
- Forcepoint Secure Web Gateway
- Forcepoint Secure Web Gateway
- FortiMail
- FortiProxy
- FortiWeb
- Fortigate
- FreeRADIUS
- Gatewatcher AionIQ
- Gatewatcher AionIQ
- Github Audit Logs
- Google Cloud Load Balancing
- Google Kubernetes Engine (GKE)
- Google Reports
- Google VPC Flow Logs
- Google Workspace and Google Cloud Audit Logs
- HAProxy
- Harfanglab
- IBM AIX
- IBM iSeries (AS/400)
- ISC DHCP
- Imperva Web Application Firewall
- Infoblox DDI
- Jumpcloud Directory Insights
- Juniper Network Switches
- Kaspersky Endpoint Security
- Lacework Cloud Security
- Linux AuditBeat
- Log Insight Windows
- ManageEngine ADAudit Plus
- McAfee Web Gateway / Skyhigh Secure Web Gateway
- Microsoft Always On VPN
- Microsoft Defender XDR / Microsoft 365 Defender
- Microsoft Entra ID (Azure AD)
- Microsoft IIS
- Microsoft Intune
- Mimecast Email Security
- NGINX
- Netfilter
- Netskope Events
- Netskope Transaction Events
- OGO Shield WAF
- OPNSense
- Office 365
- Office 365 Message Trace
- Okta System log
- Olfeo Secure Web Gateway
- OpenLDAP
- OpenSSH
- OpenVPN
- Palo Alto Cortex XDR (EDR)
- Palo Alto Next-Generation Firewall
- Palo Alto Prisma Access
- Panda Security Aether
- Postfix
- Pradeo MTD
- Proofpoint On Demand
- Proofpoint Targeted Attack Protection
- Pulse Connect Secure
- RSA SecurID
- Raw
- Retarus Email Security
- Rubycat PROVE IT
- Salesforce
- Security Scorecard Vunerability Assessment Scanner
- Sekoia.io Endpoint Agent
- Sekoia.io activity logs
- Sekoia.io forwarder logs
- SentinelOne
- SentinelOne Cloud Funnel 2.0
- SentinelOne Identity
- Sesame it Jizo NDR
- SonicWall Firewall
- SonicWall SMA
- Sophos EDR
- Sophos Firewall
- Sophos Threat Analysis Center
- SpamAssassin
- Squid
- Stormshield Network Security
- Stormshield SES
- Suricata
- Symantec Endpoint Protection
- Systancia Cleanroom
- TEHTRIS Endpoint Detection & Reponse
- Tanium
- Tenable Identity Exposure / Alsid
- Thinkst Canary
- Trellix EDR
- Trellix Network Security
- Trellix ePO
- Trend Micro Apex One
- Trend Micro Deep Security / Workload Security
- Trend Micro Email Security
- Trend Micro Vision One Observed Attack Techniques [BETA]
- Trend Micro Vision One Workbench Alerts [BETA]
- Ubika Cloud Protector Alerts
- Ubika Cloud Protector Traffic
- Ubika WAAP Gateway
- Umbrella DNS Logs
- Umbrella IP Logs
- Umbrella Proxy Logs
- Unbound
- VMWare ESXi
- VMWare VCenter
- Vade Cloud
- Vade M365
- Varonis Data Security
- Vectra Cognito Detect
- Veeam Backup
- Wallix
- WatchGuard Firebox
- Windows
- Winlogbeat
- WithSecure Elements
- Zscaler Internet Access