Sekoia.io Intakes

• AWS CloudTrail
• Alsid
• Amazon CloudFront Logs
• Amazon GuardDuty
• Amazon VPC Flow Logs
• Amazon WAF
• Apache HTTP Server
• ArubaOS Switch
• Azure Files
• Azure Front Door
• Azure Linux
• Azure MySQL
• Azure Network Watcher (NSG flow logs)
• Azure Windows
• BIND
• Broadcom Cloud Secure Web Gateway
• Broadcom Edge Secure Web Gateway
• CEF
• Cato SASE
• Check Point
• Check Point Harmony Mobile
• Cisco Duo Security
• Cisco Email Security Appliance
• Cisco IOS
• Cisco Identity Services Engine (ISE)
• Cisco Meraki MX
• Cisco NX-OS
• Cisco Secure Firewall
• Cisco Web Security Appliance
• Citrix NetScaler / ADC
• Claroty xDome
• Cloudflare Access Request
• Cloudflare Audit Logs
• Cloudflare DNS Gateway
• Cloudflare DNS logs
• Cloudflare Firewall Events
• Cloudflare Gateway HTTP
• Cloudflare Gateway Network
• Cloudflare HTTP requests
• CrowdStrike Falcon
• CrowdStrike Falcon Telemetry
• Cybereason MalOp
• Cybereason MalOp activity
• Cyberwatch Detection
• Darktrace Threat Visualizer
• Datadome Protection
• Digital Shadows SearchLight
• Ekinops OneOS
• ExtraHop Reveal(x) 360
• F5 BIG-IP
• Fastly Next-Gen WAF
• Fastly WAF Audit logs
• Forcepoint Secure Web Gateway
• FortiMail
• FortiProxy
• FortiWeb
• Fortigate
• FreeRADIUS
• Gatewatcher AionIQ
• Github Audit Logs
• Google Kubernetes Engine (GKE)
• Google Reports
• Google VPC Flow Logs
• Google Workspace and Google Cloud Audit Logs
• HAProxy
• Harfanglab
• IBM AIX
• ISC DHCP
• Imperva Web Application Firewall
• Infoblox DDI
• Jumpcloud Directory Insights
• Kaspersky Endpoint Security
• Lacework Cloud Security
• Linux
• Linux AuditBeat
• Log Insight Windows
• ManageEngine ADAudit Plus
• McAfee Web Gateway / Skyhigh Secure Web Gateway
• Microsoft 365 Defender
• Microsoft Always On VPN
• Microsoft Entra ID (Azure AD)
• Microsoft IIS
• Microsoft Intune
• NGINX
• Netfilter
• Netskope Events
• Netskope Transaction Events
• OGO Shield WAF
• OPNSense
• Office 365
• Office 365 Message Trace
• Okta System log
• Olfeo Secure Web Gateway
• OpenLDAP
• OpenSSH
• OpenVPN
• Palo Alto
• Palo Alto Cortex XDR (EDR)
• Panda Security Aether
• Postfix
• Proofpoint On Demand
• Proofpoint Targeted Attack Protection
• Pulse Connect Secure
• RSA SecurID
• Raw
• Retarus Email Security
• Rubycat PROVE IT
• Salesforce
• Security Scorecard Vunerability Assessment Scanner
• Sekoia.io Endpoint Agent
• Sekoia.io activity logs
• SentinelOne
• SentinelOne Cloud Funnel 1.0 [Deprecated]
• SentinelOne Cloud Funnel 2.0
• SonicWall Firewall
• SonicWall SMA
• Sophos EDR
• Sophos Firewall
• Sophos Threat Analysis Center
• SpamAssassin
• Squid
• Stormshield Network Security
• Stormshield SES
• Suricata
• Symantec Endpoint Protection
• Systancia Cleanroom
• TEHTRIS Endpoint Detection & Reponse
• Tanium
• Trellix EDR
• Trellix Network Security
• Trellix ePO
• Trend Micro Apex One
• Trend Micro Deep Security / Workload Security
• Trend Micro Email Security
• Ubika Cloud Protector
• Ubika WAAP Gateway
• Umbrella DNS Logs
• Umbrella IP Logs
• Umbrella Proxy Logs
• Unbound
• VMWare ESXi
• VMWare VCenter
• Vade Cloud
• Vade M365
• Varonis Data Security
• Vectra Cognito Detect
• Veeam Backup
• Wallix
• WatchGuard Firebox
• Windows
• Winlogbeat
• WithSecure Elements
• Zeek
• Zscaler Internet Access