SEKOIA.IO Documentation
Alert
Initializing search
GitHub
Getting Started
SEKOIA.IO XDR
SEKOIA.IO CTI
SEKOIA.IO TIP
SEKOIA.IO Documentation
GitHub
Getting Started
Getting Started
Overview
Join a community
Create your account
Set up account security
Create a community
Invite users to join
Manage users
Roles and permissions
Navigation on the platform
Turn on notifications
Generate API Keys
SEKOIA.IO XDR
SEKOIA.IO XDR
Introduction
Features
Features
Collect
Collect
Overview
Ingestion methods
Ingestion methods
Rsyslog
Logstash
syslog-ng
Graylog
HTTPS
Integrations
Integrations
Overview
Custom Format
Application
Application
Alsid
Apache
BIND
ISC DHCP
HAProxy
Nginx
OpenSSH
SEKOIA.IO
Unbound
The Hive
Cloud and SaaS
Cloud and SaaS
AWS
AWS
CloudTrail
VPC Flow Logs
S3 for logs
Google Cloud
Google Cloud
Google Cloud Audit
Google Kubernetes Engine
Google VPC Flow Logs
Cisco Umbrella
Cisco Umbrella
Proxy
IP
DNS
Cloudflare
Cloudflare
HTTP requests
DNS logs
Firewall events
Digital Shadows
Microsoft Azure
Microsoft Azure
Azure Active Directory
Azure Front Door
Azure MySQL
Azure Linux machines
Azure Network Watcher
Azure Windows machines
Microsoft Office 365
Microsoft Office 365
O365
Message trace
Imperva Web Application Firewall
Email
Email
FortiMail
Postfix
Proofpoint
Proofpoint
Proofpoint TAP
Proofpoint PoD
Retarus Email Security
SpamAssassin
Vade for M365
Endpoint
Endpoint
Auditbeat Linux
CrowdStrike Falcon
Cybereason MalOp
HarfangLab
Linux
Microsoft Defender for Endpoints
Panda Security Aether
SEKOIA.IO Agent
SentinelOne
SentinelOne Deep Visibility
Sophos EDR
Symantec Endpoint Protection
Tanium
Trend Micro Deep Security
Windows
Windows (Log Insight)
Network
Network
Checkpoint
Cisco ASA
Cisco WSA
F5 BigIP
Forcepoint Secure Web Gateway
FortiGate
FortiProxy
FortiWeb
Infoblox DDI
McAfee Web Gateway / Skyhigh Secure Web Gateway
NetFilter
PaloAlto
Pulse Connect Secure
Sophos Firewall
Squid
Stormshield
Suricata
Vectra
Wallix
Zeek
Generic
Generic
Common Event Format
Intakes
Entities
Assets
Detect
Detect
Rules Catalog
Built-in Rules
Sigma
Anomaly Detection
Investigate
Investigate
Alerts
Events
Cases
Events Query Language
Querying Events
Report
Report
Dashboards
Automate
Automate
Overview
Triggers
Operators
Actions
Library
Library
AWS
Microsoft Azure
Azure Active Directory
BinaryEdge's API
Censys
Certificate Transparency
CrowdStrike Falcon
Detection Rules
Digital Shadows
fileutils
Fortigate Firewalls
Git
GLIMPS
Google
HTTP
HarfangLab
IKnowWhatYouDownload
IPtoASN
Imperva
MISP
MWDB
Mandrill
Mattermost
OSINT
Microsoft Office365
Onyphe
PagerDuty
Panda Security
Proofpoint
Public Suffix
RSS
RiskIQ
SEKOIA.IO
STIX
Sentinel One
ServiceNow
Shodan
Skyhigh Security Secure Web Gateway (SWG)
Sophos
The Hive
Tranco
Triage
Vade Secure
VirusTotal
Whois
Usecases
Usecases
Synchronise Alerts with an external tool
FAQ
Develop
Develop
Overview
Guides
Guides
Filtering
REST API
REST API
Authentication and Community
Dashboard
Notification
Configuration
Parser
Alert
Assets
Playbooks
Telemetry
SEKOIA.IO CTI
SEKOIA.IO CTI
Introduction
Features
Features
Data Models
Consume
Consume
Intelligence
Observables
Outgoing Feeds
Graph Explorations
Enrichers
Export
Monitor
Monitor
Dashboards
External Integrations
External Integrations
Overview
API
TAXII
Cortex Analyzer
MISP Feed
Microsoft Sentinel
OpenCTI
Splunk
Anomali ThreatStream
PaloAlto Cortex XSOAR
Develop
Develop
Overview
Guides
Guides
Filtering
REST API
REST API
Authentication and Community
Intelligence
Enrichment
Telemetry
Dashboard
Notification
Playbooks
SEKOIA.IO TIP
SEKOIA.IO TIP
Introduction
Features
Features
Data Models
Consume
Consume
Intelligence
Observables
Outgoing Feeds
Graph Explorations
Enrichers
Export
Produce and investigate
Produce and investigate
Content Proposals
Incoming Feeds
Warning Rules
Expiration Rules
Monitor
Monitor
Dashboards
External Integrations
External Integrations
Overview
API
TAXII
Cortex Analyzer
MISP Feed
Microsoft Sentinel
OpenCTI
Splunk
PaloAlto Cortex XSOAR
Automate
Automate
Overview
Triggers
Operators
Actions
Library
Library
AWS
BinaryEdge's API
Censys
Certificate Transparency
Detection Rules
Digital Shadows
fileutils
Fortigate Firewalls
Git
GLIMPS
Google
HTTP
HarfangLab
IKnowWhatYouDownload
IPtoASN
Imperva
MISP
MWDB
Mandrill
Mattermost
OSINT
Onyphe
PagerDuty
Panda Security
Public Suffix
RSS
RiskIQ
SEKOIA.IO
STIX
ServiceNow
Shodan
The Hive
Tranco
Triage
Vade Secure
VirusTotal
Whois
Develop
Develop
Overview
Guides
Guides
Filtering
REST API
REST API
Authentication and Community
Intelligence
Enrichment
Dashboard
Notification
Playbooks
Alert
Back to top