Sekoia.io Intakes
- AWS CloudTrail
- Alsid
- Amazon CloudFront Logs
- Amazon GuardDuty
- Amazon VPC Flow Logs
- Amazon WAF
- Apache HTTP Server
- ArubaOS Switch
- Azure Files
- Azure Front Door
- Azure Linux
- Azure MySQL
- Azure Network Watcher (NSG flow logs)
- Azure Windows
- BIND
- Broadcom Cloud Secure Web Gateway
- Broadcom Edge Secure Web Gateway
- CEF
- Cato SASE
- Check Point
- Check Point Harmony Mobile
- Cisco Duo Security
- Cisco Email Security Appliance
- Cisco IOS
- Cisco Identity Services Engine (ISE)
- Cisco Meraki MX
- Cisco NX-OS
- Cisco Secure Firewall
- Cisco Web Security Appliance
- Citrix NetScaler / ADC
- Claroty xDome
- Cloudflare Access Request
- Cloudflare Audit Logs
- Cloudflare DNS Gateway
- Cloudflare DNS logs
- Cloudflare Firewall Events
- Cloudflare Gateway HTTP
- Cloudflare Gateway Network
- Cloudflare HTTP requests
- CrowdStrike Falcon
- CrowdStrike Falcon Telemetry
- Cybereason MalOp
- Cybereason MalOp activity
- Darktrace Threat Visualizer
- Datadome Protection
- Digital Shadows SearchLight
- Ekinops OneOS
- ExtraHop Reveal(x) 360
- F5 BIG-IP
- Forcepoint Secure Web Gateway
- FortiMail
- FortiProxy
- FortiWeb
- Fortigate
- FreeRADIUS
- Gatewatcher AionIQ
- GitHub Audit Logs
- Google Kubernetes Engine (GKE)
- Google Reports
- Google VPC Flow Logs
- Google Workspace and Google Cloud Audit Logs
- HAProxy
- Harfanglab
- IBM AIX
- ISC DHCP
- Imperva Web Application Firewall
- Infoblox DDI
- Jumpcloud Directory Insights
- Kaspersky Endpoint Security
- Linux
- Linux AuditBeat
- Log Insight Windows
- ManageEngine ADAudit Plus
- McAfee Web Gateway / Skyhigh Secure Web Gateway
- Microsoft 365 Defender
- Microsoft Always On VPN
- Microsoft Entra ID (Azure AD)
- Microsoft IIS
- Microsoft Intune
- NGINX
- Netfilter
- Netskope Events
- Netskope Transaction Events
- OGO Shield WAF
- OPNSense
- Office 365
- Office 365 Message Trace
- Okta System log
- OpenLDAP
- OpenSSH
- OpenVPN
- Palo Alto
- Palo Alto Cortex XDR (EDR)
- Panda Security Aether
- Postfix
- Proofpoint On Demand
- Proofpoint Targeted Attack Protection
- Pulse Connect Secure
- RSA SecurID
- Raw
- Retarus Email Security
- Rubycat PROVE IT
- Salesforce
- Security Scorecard Vulnerability Assessment Scanner
- Sekoia.io Endpoint Agent
- Sekoia.io activity logs
- SentinelOne
- SentinelOne Cloud Funnel 1.0 [Deprecated]
- SentinelOne Cloud Funnel 2.0
- SonicWall Firewall
- SonicWall SMA
- Sophos EDR
- Sophos Firewall
- Sophos Threat Analysis Center
- SpamAssassin
- Squid
- Stormshield Network Security
- Stormshield SES
- Suricata
- Symantec Endpoint Protection
- TEHTRIS Endpoint Detection & Response
- Tanium
- Trellix EDR
- Trellix Network Security
- Trellix ePO
- Trend Micro Apex One
- Trend Micro Deep Security / Workload Security
- Trend Micro Email Security
- Ubika WAAP Gateway
- Umbrella DNS Logs
- Umbrella IP Logs
- Umbrella Proxy Logs
- Unbound
- VMWare ESXi
- VMWare VCenter
- Vade Cloud
- Vade M365
- Varonis Data Security
- Vectra Cognito Detect
- Veeam Backup
- Wallix
- WatchGuard Firebox
- Windows
- Winlogbeat
- WithSecure Elements
- Zeek
- Zscaler Internet Access