| Vendor & Product | Version | Parser Name | Provider | Collection Method | Device Class | Category | Materials |
|---|---|---|---|---|---|---|---|
| A10 Networks Thunder Series | RSA Ready | SSL Decrypt | Implementation Guide Solution Brief |
||||
| Absolute Data and Device Security (DDS) | Absolute DDS Customer Center 5.26+, SIEM Connector 1.1 | absolutesiemconnectorpe | RSA Ready | Syslog | Analysis | Log Collection | Implementation Guide | Source Package |
| Acalvio ShadowPlex | 2017.07 | cef | RSA Ready | Syslog | Advanced Threat Detection | Log Collection | Implementation Guide |
| Accurev | 6.0.1 | accurev | RSA | File | CMS | Log Collection | Implementation Guide | Source Package |
| Actiance Vantage | 12.2 | actiancevantage | RSA | ODBC | Analysis | Log Collection | Implementation Guide |
| ActivIdentity 4TRESS AAA Server | 6.4.1 | actividentity | RSA | ODBC | Access Control | Log Collection | Implementation Guide |
| AirMagnet Enterprise | 7.5, 8.5, 10.1 | airmagnetenterprise | RSA | Syslog | Wireless Devices | Log Collection | Implementation Guide |
| AirTight Management Console | 7.0, 7.1 U4 | airtightmc | RSA | Syslog | Intrusion | Log Collection | Implementation Guide |
| AirTight Networks SpectraGuard Enterprise | 6.5, 6.6, 6.7 | atnspectraguardpe | RSA Ready | Syslog | IPS | Log Collection | Implementation Guide Source Package |
| Akamai Kona Site Defender | 1 | cef | RSA | Syslog | Application Firewall | Log Collection | Implementation Guide |
| Alcatel-Lucent OmniSwitch | 6600, 6850, 9700 | alcatelomniswitch | RSA | Syslog, SNMP | Switch | Log Collection | Implementation Guide |
| ALTOR (A Juniper Networks Company) Security Suite | 4.0 | altorpe | RSA Ready | Syslog | Firewall | Log Collection | Implementation Guide Source Package |
| Amazon AWS CloudTrail | N/A | cef | RSA | Plugin | Cloud | Log Collection | |
| Amazon AWS Detective | API v1.0 | cef | RSA | Plugin | Cloud | Log Collection | |
| Amazon AWS GuardDuty | All | cef | RSA | Plugin | Cloud | Log Collection | Implementation Guide Product Manager Blog |
| Amazon AWS Kinesis | API v1.0 | aws, aws_cloudtrail, aws_route53resolver | RSA | Plugin | Cloud | Log Collection | Implementation Guide |
| Amazon AWS Security Hub | API v1.0 | aws_securityhub | RSA | Plugin | Cloud | Log Collection | Implementation Guide |
| Amazon AWS VPC Flow Logs | All | cef | RSA | Plugin | Cloud | Log Collection | Implementation Guide |
| Amazon AWS VPC Traffic Mirror | All | RSA | Network TAP | Implementation Guide | |||
| Amazon AWS Cloudwatch | API v1.0 | aws, aws_cloudtrail, aws_route53resolver, aws_windows | RSA | Plugin | Cloud | Log Collection | Implementation Guide |
| Amazon S3 Universal Connector |
API v1.0 | aws, aws_cloudtrail, cisco_umbrella, aws_windows, aws_waf | RSA | Plugin | Cloud | Log Collection | Implementation Guide |
| Anomali Link | API v1.0 | Plugin | Cloud | Log Collection | Implementation Guide | ||
| Anomali ThreatStream Intelligence Platform | RSA Ready | Threat Intel | Implementation Guide | ||||
| Anomali STAXX | RSA Ready | Threat Intel | Implementation Guide | ||||
| Apache HTTP Server | 2.x | apache | RSA | Syslog, File | Web Logs | Log Collection | Implementation Guide | Source Package |
| Apache Tomcat Server | 6.0, 7.0, 8.x | apachetomcat | RSA | Syslog, File | Web Logs | Log Collection | Implementation Guide | Source Package |
| APCON Inc. IntellaFlex Series 3000 | RSA Ready | Network TAP | Implementation Guide | ||||
| Apcon IntellaPatch Series 3000 Network Monitoring Switch | 4.34.2 | apconintellapatch | RSA | Syslog | Switch | Log Collection | Implementation Guide |
| Trustwave DbProtect (formerly Application Security; part of Singtel) | 6.0 | appsecdbprotect | RSA Ready | ODBC | Database | Log Collection | Implementation Guide |
| Arbor Networks Peakflow SP5 | 5.X, 9.X | arborpeakflowsp | RSA | Syslog | IPS | Log Collection | Implementation Guide |
| Arbor Networks Peakflow X | 4.1 | arborpeakflow | RSA | Syslog | IPS | Log Collection | Implementation Guide |
| ArcSight ESM | RSA Ready | Other | Implementation Guide & Source Package | ||||
| Array Networks SPX Series Universal Access Controllers | 8.4.6 | arrayspxpe | RSA Ready | Syslog | VPN | Log Collection | Implementation Guide Source Package |
| Artifactory | 3.3.0.1 | artifactory | RSA | File | CMS | Log Collection | Implementation Guide | Source Package |
| Aruba Networks AirWave | 6.3.x, 6.4.x, 7.5.x | arubaairwave | RSA | Syslog | Wireless Devices | Log Collection | Implementation Guide |
| Aruba Networks ClearPass Policy Manager | 5.2, 6.x | arubacppm | RSA | Syslog | Access Control | Log Collection | Implementation Guide |
| Aruba Networks Mobility Controller | ArubaOS 2.5.4.0, 3.4, 6.x | arubanetworks | RSA | Syslog | Wireless Devices | Log Collection | Implementation Guide |
| Atlassian Stash | 2.12, 3.3.1, 3.5.1 | stash | RSA | File | CMS | Log Collection | Implementation Guide | Source Package |
| AttackIQ Platform | Dec 2020 | RSA Ready | Analysis | Log Collection | Configuration Guide | ||
| Attivo ThreatMatrix Platform | 4.x | cef | RSA Ready | Syslog | Analysis | Log Collection | Implementation Guide |
| Avecto Privilege Guard | 3.5 | avectopg | RSA | Windows | Access Control | Log Collection | Implementation Guide |
| Avocent IP KVM | Dell PowerEdge 2161DS-2 | avocentkvm | RSA | SNMP | Network | Log Collection | Implementation Guide |
| Barracuda Spam Firewall | 3.4, 3.5, 6.1.x, 8.x | barracudasf | RSA | Syslog | Antivirus | Log Collection | Implementation Guide |
| Barracuda Web Application Firewall | Firmware: 7.4.0, 7.8.0, 7.9.2, 8.x, 9.x | barracudawaf | RSA | Syslog | Application Firewall | Log Collection | Implementation Guide |
| Bayshore Networks SingleKey | 6.3 | cef | RSA Ready | Syslog | Analysis | Log Collection | Implementation Guide |
| DenyAll WAF (formerly Bee Ware Web Application Firewall) | 5.x | beewarewaf | RSA | Syslog | Application Firewall | Log Collection | Implementation Guide |
| BeyondTrust Powerbroker Endpoint Protection (formerly eEye Blink Endpoint Protection) | 4.x | eeyeblink | RSA | SNMP | Intrusion | Log Collection | Implementation Guide |
| BeyondTrust Retina Network Security Scanner (formerly eEye Retina Network Security Scanner) | 5.1 | eeyeretina | RSA | Syslog, SNMP | IDS | Log Collection | Implementation Guide |
| BeyondTrust PowerBroker Servers | 7, 8 | beyondtrustpe | RSA Ready | Syslog | Access Control | Log Collection | Implementation Guide | Source Package |
| BigFix Enterprise Suite | 7.2 | bigfix | RSA | ODBC | Configuration Management | Log Collection | Implementation Guide |
| Bind DNS |
Bind: 9.x, 11 RHEL: 3.x, 4.x, 5.x, 6.0, 7.0 Solaris: 8, 9, 10, 11.x |
rhlinux, solaris | RSA | Syslog | UNIX | Log Collection | Implementation Guide |
| Bit9 Security Platform | 6.0.2, 7.0, 7.2 | bit9 | RSA | Syslog, ODBC | Application Firewall | Log Collection | Implementation Guide |
| Blackberry Ltd Enterprise Server | 5.x | blackberryes | RSA Ready | File | Messaging | Log Collection | Implementation Guide |
| Blue Coat Systems Inc. Director (part of Broadcom Inc.) | 5.5.1.1, 5.5.2.3, 6.1.1.1 | bluecoatdirector | RSA | Syslog | Configuration Management | Log Collection | Implementation Guide |
| Blue Coat Systems Inc. ProxyAV (part of Broadcom Inc.) | 3.3.1.2, 3.5.1.1 | bluecoatproxyav | RSA | Syslog, SNMP | Antivirus | Log Collection | Implementation Guide |
| Blue Coat Systems Inc. ProxySG SGOS (part of Broadcom Inc.) | 4.x, 5.x, 6.x, 7.x | cacheflowelff | RSA | Syslog, File | Web Logs | Log Collection | Implementation Guide |
| Blue Coat Systems Inc. SSL Visibility Appliance (part of Broadcom Inc.) | RSA Ready | SSL Decrypt | Implementation Guide | ||||
| BlueCat | Adonis 7.0 | bluecat | RSA | Syslog | System | Log Collection | Implementation Guide |
| BluVector Cortex | 3.1 | cef | RSA Ready | Syslog | Analysis | Log Collection | Implementation Guide |
| BMC Remedy IT Service Management | 7.6.04 | bmcremedyitsm | RSA | ODBC | Configuration Management | Log Collection | Implementation Guide |
| Brocade FastIron Switch | FGS624P- STK | brocadeswitch | RSA | Syslog | Switch | Log Collection | Implementation Guide |
| CA ACF2 (formerly IBM Mainframe ACF2) |
Versions : r14 and higher Supported Platforms : z/OS v1.9, v1.10, v1.11, v1.12, and v1.13 |
ibmacf2 | RSA | FIle | Mainframe | Log Collection | Implementation Guide | Source Package |
| CA Integrated Threat Management | r8, r8.1 | caitm | RSA | SNMP | Antivirus | Log Collection | Implementation Guide |
| CA SiteMinder | r12 | casiteminder | RSA | File | Access Control | Log Collection | Implementation Guide | Source Package |
| CA Top Secret | z/OS | ibmtopsecret | RSA | File | Mainframe | Log Collection | Implementation Guide | Source Package |
| Carbon Black Cb Response | N/A | carbonblack | RSA Ready | Syslog | System | Log Collection | Implementation Guide Source Package |
| Check Point GAiA | R77.20 | rhlinux, checkpointfw | RSA Ready | Syslog | UNIX | Log Collection | Implementation Guide |
| Check Point IPSO (formerly Nokia IPSO) | 3.6, 3.7, 3.8, 3.9, 6.2 | nokiaipso | RSA Ready | Syslog | UNIX | Log Collection | Implementation Guide |
| Check Point Security Suite (IPS-1) | R76, R77.x, R80.x | checkpointfw1, cef | RSA Ready | Check Point, Syslog | Firewall | Log Collection | Implementation Guide |
| Check Point SPLAT OS | R75, 77.10 | rhlinux | RSA Ready | Syslog | UNIX | Log Collection | Implementation Guide |
| Cimcor CimTrak | 2.0.6.11 | cimcorcimtrakpe | RSA Ready | Syslog | Intrusion | Log Collection | Implementation Guide Source Package |
| Cisco 3300 Series Mobility Services Engine | 5.2.91.0, 6.0.97.0, 7.0.105.0 | ciscomse | RSA | Syslog | Wireless Devices | Log Collection | Implementation Guide |
| Cisco Adaptive Security Appliance (ASA) | 7.x, 8.x, 9.x | ciscoasa | RSA | Syslog | Firewall | Log Collection | Implementation Guide |
| Cisco Aggregation Services Router | 3.3 | ciscorouter | RSA | Syslog | Router | Log Collection | Implementation Guide |
| Cisco Aironet AP (Wireless Access Point) | IOS 12.2 | ciscorouter | RSA | Syslog | Router | Log Collection | Implementation Guide |
| Cisco Application Control Engine | 4710 | ciscoace | RSA | Syslog | Application Delivery | Log Collection | Implementation Guide |
| Cisco ASA Security Services Module | 4.x. 5.0, 5.1, 6.0, 6.1, 6.2, 7.0, 7.1.1 | ciscoidsxml | RSA | SDEE | IDS | Log Collection | Implementation Guide |
| Cisco Catalyst Switch | Cisco Catalyst 6500, Cisco Catalyst 2960-CX | ciscorouter | RSA | Syslog | Router | Log Collection | Implementation Guide |
| Cisco Firewall Service Module | 4.1(5) | ciscoasa | RSA | Syslog | Firewall | Log Collection | Implementation Guide |
| Cisco Identity Services Engine (ISE) | 1.0, 1.1, 1.3, 1.4, 2.x | ciscosecureacs | RSA | Syslog | Access Control | Log Collection | Implementation Guide |
| Cisco IOS | IOS 12.4, 15.x | ciscorouter | RSA | Syslog | Router | Log Collection | Implementation Guide |
| Cisco IronPort Email Security Appliance | 5.7.0, 7.1.3, 8.0.1, 8.5.x, 11.x | ciscoiportesa | RSA | File, Syslog | Application Firewall | Log Collection | Implementation Guide |
| Cisco IronPort Web Security Appliance (WSA) | 5.7.0, 6.3, 7.x, 8.x, 9.x, 10.x | ciscoiportwsa | RSA | File, Syslog | Web Logs | Log Collection | Implementation Guide | Source Package |
| CiscoWorks LAN Management Solution | 3.2, 4.0 | ciscolms | RSA | ODBC | Configuration Management | Log Collection | Implementation Guide |
| Cisco Advanced Malware Protection (AMP) for Endpoints | All | cef | RSA | Plugin | Cloud | Log Collection | Implementation Guide |
| Cisco Meraki | MX60, GA 12.26 | ciscomeraki | RSA | Syslog | Configuration Management | Log Collection | Implementation Guide |
| Cisco Network Admission Control (NAC) | 4.7, 4.9 | cisconac | RSA | Syslog | Access Control | Log Collection | Implementation Guide |
| Cisco Nexus | 1000V, 5000V and 7000V | cisconxos | RSA | Syslog | Switch | Log Collection | Implementation Guide |
| Cisco Prime Infrastructure & Wireless Control System |
Prime Infrastructure: 1.1, 1.2, 2.0, 2.1 Wireless Control System: 7.0 |
ciscowcs | RSA | SNMP | Configuration Management | Log Collection | Implementation Guide |
| Cisco Secure Access Control Server (ACS) |
Software only: 4.2 Appliance:5.x |
ciscosecureacs | RSA | Syslog | Access Control | Log Collection | Implementation Guide |
| Cisco Secure Access Control Server (ACS) Express | 5 | ciscoacsxp | RSA | Syslog | Access Control | Log Collection | Implementation Guide |
| Cisco Secure IDS or IPS | 4.x, 5.0, 5.1, 6.0, 6.1, 6.2, 7.x; Signature Engines: E1, E2, E3, E4 | ciscoidsxml | RSA | SDEE | IDS | Log Collection | Implementation Guide |
| Cisco Security Agent | 4.0, 5.1, 6.0 | ciscosecagent | RSA | ODBC, SNMP | IDS | Log Collection | Implementation Guide |
| Cisco Sourcefire Defense Center / SNORT | 4.x, 5.x, 6.x | snort | RSA | Syslog | IDS | Log Collection | Implementation Guide |
| Cisco ThreatGRID | RSA Ready | Threat Intel | Implementation Guide | ||||
| Cisco Umbrella | Schema Version 4 | cisco_umbrella | RSA | Plugin | Cloud | Log Collection | Implementation Guide |
| Cisco Unified Computing System Manager | 1.0 (2d) | ciscoucs | RSA | Syslog | Configuration Management | Log Collection | Implementation Guide |
| Cisco Virtual Security Gateway | 4.2(1)VSG(1) | cisconxos | RSA | Syslog | Switch | Log Collection | Implementation Guide |
| Cisco Wireless LAN Controller (WLC) (2100 Series, 4400 Series, and 9800 Series) | 5.2.157.0, 6.0.188, 7.0.9, 8.0, 8.x, 17.03.03 | ciscowlc | RSA | Syslog, SNMP | Wireless Devices | Log Collection | Implementation Guide |
| CiscoWorks Common Services/Cisco Security Manager | 2.3, 3.0, 3.3, 4.0 | ciscoworks | RSA | File | Configuration Management | Log Collection | Implementation Guide | Source Package |
| Citrix Access Gateway | 4.5, 4.6, 5.0 | citrixag | RSA | Syslog, File | VPN | Log Collection | Implementation Guide |
| Citrix NetScaler | 9.1, 9.2, 9.3, 10.0, 10.1, 10.5, 11.x, 13.x | citrixns | RSA | Syslog | Application Firewall | Log Collection | Implementation Guide |
| Citrix XenApp | 5 (for Windows Server 2003), 6, 6.5, 7.x | citrixxa | RSA | ODBC | Virtualization | Log Collection | Implementation Guide |
| Citrix XenMobile MDM (formerly Zenprise MobileManager) |
XenMobile Server 10.x Xenmobile MDM version 8.6 Zenprise MobileManager 6.6 |
zenprisemdm | RSA | Syslog, File | Configuration Management | Log Collection | Implementation Guide |
| Claroty Platform | 2.0, 2.1 | cef | RSA Ready | Syslog | Analysis | Log Collection | Implementation Guide |
| Clearswift SECURE Gateway Suite |
Web Gateway: 3.0 Email Gateway: 3.6 Exchange Gateway: 1.0 ICAP Gateway: 1.0 |
clearswiftpe | RSA Ready | Syslog | Application Servers | Log Collection | Implementation Guide Source Package |
| Cloudera Navigator | 4.8, 5.x | clouderanavigator | RSA | Syslog | Access Control | Log Collection | Implementation Guide |
| CloudLink SecureVSA | 3 | aforecloudlink | RSA | Syslog | Access Control | Log Collection | Implementation Guide |
| Cofense Intelligence (formerly PhishMe) | RSA Ready | Threat Intel | Implementation Guide | ||||
| CoreTrace Bouncer | 6.0.1 | coretracebouncerpe | RSA Ready | Syslog | Application Firewall | Log Collection | Implementation Guide, Source Package |
| CorreLog, Inc. SIEM Agent for IBM z/OS (part of BMC Software, Inc.) | 5.5.1 z/OS | cef | RSA Ready | Syslog | Mainframe | Log Collection | Implementation Guide |
| CounterTack Event Horizon | 3.1,3.1.7 | countertackehpe | RSA Ready | Syslog | Analysis | Log Collection | Implementation Guide | Source Package |
| Courion PasswordCourier | 5 | courionpc | RSA | File | Access Control | Log Collection | Implementation Guide I Source Package |
| cPacket Networks CVU Family | RSA Ready | Network TAP | Implementation Guide | ||||
| Crossbeam C-Series | 4.x, 5.x, 6.x | crossbeamc | RSA | Syslog | UNIX | Log Collection | Implementation Guide |
| CryptoniteNXT | RSA Ready | CEF | Log Collection | Implementation Guide | |||
| Cuckoo Sandbox | RSA Ready | Other | Implementation Guide | ||||
| CyberArk Account Security and Identity Management |
7.x, 8.x, 9.x, 10.x, 12.1 |
cyberark | RSA | Syslog | Access Control | Log Collection | |
| CyberArk Privileged Threat Analytics | 2.6.3.1 | cef | RSA | Syslog | Access Control | Log Collection | Implementation Guide |
| Cyberoam UTM | 10.04.3 | cyberoamutm | RSA | Syslog | Firewall | Log Collection | Implementation Guide |
| CyberSponse CyOps | RSA Ready | Orchestration & Automation | Implementation Guide | ||||
| CyberX Platform 2.0 | 2.0 | cef | RSA Ready | Syslog | ICS | Log Collection | Implementation Guide |
| Cylance Protect | 1.x | cylance | RSA | Syslog | Antivirus | Log Collection | Implementation Guide |
| Cymulate Integration |
RSA Ready | Implementation Guide | |||||
| Cyware Integration | RSA Ready | Implementation Guide | |||||
| Damballa Failsafe | 5.0.2, 6.2.0 | damballa | RSA | Syslog | Antivirus | Log Collection | Implementation Guide |
| DataSunrise Database Security Suite | 3.7 | cef | RSA Ready | Syslog | Analysis | Log Collection | Implementation Guide |
| Dell iDRAC | DRAC 5, iDrac 6, iDRAC 9.x | delldrac | RSA | SNMP, Syslog | Access Control | Log Collection | Implementation Guide |
| Dell PowerConnect 5324 Switch | 1.0.0.47 | dellswitch | RSA | Syslog | Switch | Log Collection | Implementation Guide |
| Dell EMC Avamar | 4.1, 6.0, 7.0 | emcavamar | RSA | ODBC, Syslog | Storage | Log Collection | Implementation Guide |
| Dell EMC Celerra (also known as Dell EMC Control Station, Blades, DataMover, NSX) | 7.0, 7.1 | celerra | RSA | SNMP | Storage | Log Collection | Implementation Guide |
| Dell EMC Data Domain | 5.1.0.4 | emcdatadomain | RSA | Syslog | Storage | Log Collection | Implementation Guide |
| Dell EMC Data Protection Advisor | 5.6 | emcdpa | RSA | ODBC | Analysis | Log Collection | Implementation Guide |
| Dell EMC Greenplum Database | 4 | greenplum | RSA | FIle | Database | Log Collection | Implementation Guide |
| Dell EMC Greenplum HD | 1.2 | greenplumhd | RSA | File | Storage | Log Collection | Implementation Guide |
| Dell EMC Ionix Unified Infrastructure Manager | 1.0, 2.1, 3.0, 3.1 | emcionixuim | RSA | Syslog, File, ODBC | Configuration Management | Log Collection | Implementation Guide |
| Dell EMC Isilon | 6.5.3.32, 6.5.5.7.x, 8.x | emcisilon | RSA | File, Syslog | Storage | Log Collection | Implementation Guide |
| Dell EMC NetWorker | 7.6 SP2 | emcnetworker | RSA | File | Storage | Log Collection | Implementation Guide |
| Dell EMC Secure Remote Support (ESRS) | 2 | esrs | RSA | Syslog | Access Control | Log Collection | Implementation Guide |
| Dell EMC Symmetrix Solutions Enabler | 6.4, 6.5.3, 7.0, 7.1, 7.3.0.1, 7.6.1 | symmetrix | RSA | Syslog, File | Storage | Log Collection | Implementation Guide |
| Dell EMC VNX (formerly Clariion Navisphere) | Navisphere 6.28 and Unisphere 1.1 | clariion | RSA | SNMP | Storage | Log Collection | Implementation Guide |
| Dell EMC Voyence | 4.0.1 | voyence | RSA | SNMP | Access Control | Log Collection | Implementation Guide |
| Dell EMC VPLEX | all | emcvplex | RSA | File | Storage | Log Collection | Implementation Guide |
| Demisto Enterprise | RSA Ready | Orchestration & Automation | Implementation Guide | ||||
| DFLabs IncMan | 4.5+ | RSA Ready | Orchestration & Automation | Implementation Guide | |||
| Digital Guardian | 6.1 | RSA Ready | Syslog | DLP | Log Collection | Implementation Guide | Source Package |
|
| Dropbox | API v2.0 | cef | RSA | Plugin | Cloud | Log Collection | Implementation Guide Product Manager Blog |
| EclecticIQ Threat Intelligence Platform | RSA Ready | Threat Intel | Implementation Guide | ||||
| EMC Fabric OS | 6.1, 6.2 | fabricos | RSA | Syslog | Switch | Log Collection | Implementation Guide |
| Endgame | 2.5.4 | cef | RSA Ready | Syslog | System | Log Collection | Implementation Guide |
| Enforcive Enterprise Security (part of Precisely) | 7.x | cef | RSA Ready | Syslog | Access Control | Log Collection | Implementation Guide |
| Extreme Networks Dragon IPS (formerly Enterasys Dragon) | 5.x, 6.x, 7.2, 7.4 | dragonids | RSA | SNMP | IDS | Log Collection | Implementation Guide |
| Extreme Networks Switch (formerly Enterasys Switch | S-Series | enterasysswitch | RSA | Syslog | Switch | Log Collection | Implementation Guide |
| Enterprise IT-Security SF-NoEvasion | 7.1 | enterpriseitsfne | RSA | Syslog | Mainframe | Log Collection | Implementation Guide |
| Entrust Identity Guard | 10.1 | entrustig | RSA | Syslog | Access Control | Log Collection | Implementation Guide |
| ESET Remote Administrator | 4.0, 5.0 | eseterape | RSA Ready | ODBC | Antivirus | Log Collection | Implementation Guide Source Package |
| Evidian Authentication Manager | 9.x, 10.x | evidian | RSA | ODBC | Access Control | Log Collection | Implementation Guide |
| Exabeam Advanced Analytics | 3.0 | exabeampe | RSA Ready | Syslog | Analysis | Log Collection | Implementation Guide |
| F-Secure | 5.x | fsecureav, cef | RSA | Syslog, Windows | Antivirus | Log Collection | Implementation Guide |
| F5 BIG-IP Access Policy Manager | 10.2.0, 11.4 HF4, 11.5.2 HF1, 15.x | bigipapm | RSA | Syslog | Access Control | Log Collection | Implementation Guide |
| F5 BIG-IP Advanced Firewall Manager | 11.5 | bigipafm | RSA | Syslog | Firewall | Log Collection | Implementation Guide |
| F5 BIG-IP Application Security Manager | 10.2.0, 11.2, 11.5.x, 11.6,13.x, 14.x | bigipasm | RSA | Syslog | Application Firewall | Log Collection | Implementation Guide |
| F5 BIG-IP Local Traffic Manager | 9.4, 10.2.0, 11.x, 12.x, 13.x, 14.x, 15.x | bigip | RSA | Syslog | Switch | Log Collection | Implementation Guide |
| F5 BIG-IP Virtual Edition | RSA Ready | SSL Decrypt | Deployment Guide (Version 11.3) | ||||
| F5 Firepass SSL VPN | 5.5-20051019, 7.0.1 | firepass | RSA | Syslog | VPN | Log Collection | Implementation Guide |
| F5 SSL Orchestrator | RSA Ready | SSL Decrypt | Implementation Guide | ||||
| FairWarning Privacy Monitoring | 2.9.2, 4.x | fairwarningpm | RSA | File | Analysis | Log Collection | Implementation Guide |
| FireEye Web Malware Protection System | 6.x, 7.x, 8.x | fireeyewebmps | RSA | Syslog | Malware | Log Collection | Implementation Guide |
| Forcepoint DLP (formerly Websense Data Security) | 7.x, 8.x | websenseds | RSA | Syslog | DLP | Log Collection | Implementation Guide |
| Forcepoint Email Security) | 8.x | cef | RSA | Syslog | Antivirus | Log Collection | Implementation Guide |
| Forcepoint Web Security (formerly Websense Web Security) | 5.5, 6.3, 7.0, 7.1, 7.5, 7.6, 7.7, 7.8.1, 7.8.4, 8.x | websense | RSA | SNMP, ODBC (7.5, 7.6, 7.7), (Syslog for 7.7 and later) | Web Logs | Log Collection | Implementation Guide |
| ForeScout CounterACT | 6.3.4.0, 7.x, 8.x | forescoutcounteract | RSA | Syslog | Access Control | Log Collection | Implementation Guide |
| Fortinet FortiAnalyzer | 5.x | fortinetmgr | RSA | Syslog | Firewall | Log Collection | Implementation Guide |
| Fortinet Forticlient Endpoint Security | 4.x | forticlientendpoint | RSA | Syslog | Firewall | Log Collection | Implementation Guide |
| Fortinet FortiGate | 2.8, 3.0, 4.0 MR1, 4.0 MR2, 5.x, 6.x | fortinet | RSA | Syslog | Firewall | Log Collection | Implementation Guide |
| Fortinet FortiMail | 4.0, 5.2, 6.x | fortinetfortimail | RSA | Syslog | Application Firewall | Log Collection | Implementation Guide |
| Fortinet Manager | 5.x, 6.x | fortinetmgr | RSA | Syslog | Firewall | Log Collection | Implementation Guide |
| Fox Technologies Server Control | 6.5, 6.6 | foxtpe | RSA Ready | Syslog | Access Control | Log Collection | Implementation Guide Source Package |
| Free BSD | 5.x | hpux | RSA | Syslog | UNIX | Log Collection | Implementation Guide |
| General Electric (GE) Centricity Enterprise Archive | 4 | gecea | RSA | ODBC | Document | Log Collection | Implementation Guide |
| General Electric (GE) Centricity PACS-IW | 3.7.3 | gepacs | RSA | ODBC | Document | Log Collection | Implementation Guide |
| Gigamon GigaSECURE | RSA Ready | Network TAP | Implementation Guide | ||||
| Gigamon GigaSECURE OpenStack | RSA Ready | Network TAP | Implementation Guide | ||||
| Gigamon GigaVUE H Series | RSA Ready | Network TAP | Deployment Guide (NW 10.6.x), Deployment Guide (NW 11.3) |
||||
| Gigamon SSL Solution | RSA Ready | SSL Decrypt | Implementation Guide | ||||
| Git | 1.7.6 | git | RSA | File | CMS | Log Collection | Implementation Guide |
| GitHub Enterprise | 2.8.x | git | RSA | Syslog | CMS | Log Collection | Implementation Guide |
| GlobalSCAPE Enhanced File Transfer (EFT) Server | all versions up to 6.3.8 | gseftserver | RSA | File | Web Logs | Log Collection | Implementation Guide |
| Google Cloud Platform (GCP) | API v1.0 | cef/gcp | RSA | Plugin | Cloud | Log Collection | Implementation Guide |
| Google G Suite | API v1.0 | googlesuite | RSA | Plugin | Cloud | Log Collection | Implementation Guide |
| Gurucul Risk Analytics | RSA Ready | Other | Implementation Guide | ||||
| HelpSystems PowerTech Interact | 3 | powertechpe | RSA Ready | Syslog | Analysis | Log Collection | Implementation Guide Source Package |
| Hewlett Packard Integrity NonStop Server | All NonStop OS releases supported by HP | hpnonstopserver | RSA | Syslog | Analysis | Log Collection | Implementation Guide |
| Hewlett Packard OpenVMS | all | openvms | RSA | File | Midrange | Log Collection | Implementation Guide |
| Hewlett Packard ProCurve Switch | series 2600, 2800, 5300, 7510 | hpprocurvesw | RSA | Syslog | Switch | Log Collection | Implementation Guide |
| Hewlett Packard UNIX | 11.X, C2 v11.X | hpux | RSA | Syslog | UNIX | Log Collection | Implementation Guide |
| Hitachi ID Privileged Access Manager / Password Manager | 7.1.x, 7.2.x, 7.3.x | hitachiidmsuitepe | RSA Ready | ODBC | Access Control | Log Collection | Implementation Guide | Source Package |
| Huawei VRP | 5.x, 6.x, 8.x | huaweivrp | RSA | Syslog | Router | Log Collection | Implementation Guide |
| HyTrust CloudControl (formerly HyTrust Appliance) |
Appliance: 2.0.10264, 2.5.1, 3.0.2, 3.6 CloudControl: 4.0 |
hytrust | RSA | Syslog | Access Control | Log Collection | Implementation Guide |
| IBM AIX | 5L (Security and Authentication messages only), 6.1, 7.x | aix | RSA | Syslog | UNIX | Log Collection | Implementation Guide |
| IBM DB2 Universal Database | 7, 8, 8.1, 9.1, 9.5, 9.7, 10.x | ibmdb2 | RSA | File, ODBC | Database | Log Collection | Implementation Guide |
| IBM Domino | 8.5, 9.x | lotusdomino | RSA | SNMP | Mail Servers | Log Collection | Implementation Guide |
| IBM Guardium SQL Guard | 7, 8.0.2, 9.5.x | guardium | RSA | Syslog | Firewall | Log Collection | Implementation Guide |
| IBM iSeries AS400 | V6.1.x, V7.1, V7.2 | iseries | RSA | File | Midrange | Log Collection | Implementation Guide | Source Package |
| IBM ISS SiteProtector | 2.0 SP6.1, SP7.0, SP8.0, SP8.1, SP9.0 | iss | RSA | ODBC | IDS | Log Collection | Implementation Guide |
| IBM Mainframe DB2 for z/OS | Mainframe z/OS v1.9, v1.10, v1.11, v1.12, v1.13, v2.1 and v2.2 | ibmdb2 | RSA | File | Database | Log Collection | Implementation Guide | Source Package |
| IBM Mainframe ICSF | Mainframe z/OS v1.9, v1.10, v1.11, v1.12 and v1.13 | ibmicsf | RSA | File | Mainframe | Log Collection | Implementation Guide |
| IBM Mainframe IDMS | Mainframe z/OS v1.9, v1.10, v1.11, v1.12 and v1.13 | ibmidms | RSA | File | Mainframe | Log Collection | Implementation Guide |
| IBM Mainframe IMS | Mainframe z/OS v1.9, v1.10, v1.11, v1.12 and v1.13 | ibmims | RSA | File | Mainframe | Log Collection | Implementation Guide |
| IBM Mainframe IPSec | Mainframe z/OS v1.9, v1.10, v1.11, v1.12 and v1.13 | ibmmainframeipsec | RSA | File | Mainframe | Log Collection | Implementation Guide |
| IBM Mainframe RACF | Mainframe z/OS v1.9, v1.10, v1.11, v1.12, v1.13, v2.1 and v2.2 | ibmracf | RSA | File | Mainframe | Log Collection | Implementation Guide |
| IBM Mainframe Syslog and Hardcopy Log Facility | Mainframe z/OS v1.9, v1.10, v1.11, v1.12, v1.13, 2.x | ibmmfzossyslog | RSA | File | Mainframe | Log Collection | Implementation Guide |
| IBM Qradar | N/A | RSA Ready | Other | Implementation Guide Supporting Files |
|||
| IBM Tivoli Access Manager ESSO | 8.0.1 | ibmtamesso | RSA | ODBC | Access Control | Log Collection | Implementation Guide |
| IBM Tivoli Access Manager WebSEAL | 6.0, 7.x, 9.x | ibmtamws | RSA | File, Syslog | Access Control | Log Collection | Implementation Guide |
| IBM Tivoli Identity Manager | 5.1 | ibmtim | RSA | ODBC | Access Control | Log Collection | Implementation Guide |
| IBM WebSphere | 6.0.0.1, 7.0.0.9, 8.0, 8.5 | ibmwebsphere | RSA | File | Application Servers | Log Collection | Implementation Guide |
| IBM WebSphere DataPower | 3.8.1, 7.x | ibmwebspheredp | RSA | Syslog | System | Log Collection | Implementation Guide |
| IBM MQ (formerly branded as WebSphere MQ) | 7.0.1 | ibmwebspheremq | RSA | File | Messaging | Log Collection | Implementation Guide |
| Imperva CounterBreach | 11.5 | cef | RSA Ready | Syslog | Analysis | Log Collection | Implementation Guide |
| Imperva SecureSphere | 6, 7, 8, 8.5, 9.0, 9.5, 10.0 | impervawaf | RSA | Syslog | Application Firewall | Log Collection | Implementation Guide |
| Tenable.ot powered by Indegy | 3.x | cef | RSA | Syslog | Analysis | Log Collection | Implementation Guide |
| Infoblox NIOS | 5.1, 6.4.5, 8.x | infobloxnios | RSA | Syslog | System | Log Collection | Implementation Guide |
| Interface Masters Niagara 2299 | RSA Ready | Network TAP | Implementation Guide | ||||
| Interface Masters Niagara 4272 | RSA Ready | Network TAP | Implementation Guide | ||||
| Intersect Alliance Snare for Linux | 3.7 and later | linux_snare | RSA | Syslog | UNIX | Log Collection | Implementation Guide |
| Invincea Threat Data Server | 2.6 | invincea | RSA | Syslog | Antivirus | Log Collection | Implementation Guide |
| Ixia CloudLens (part of Keysight) | RSA Ready | Network TAP | Implementation Guide, Deployment Guide (NW 10.6.x) Deployment Guide (NW 11.3) |
||||
| Ixia Vision ONE (part of Keysight) | RSA Ready | Network TAP | Implementation Guide | ||||
| Ixia Phantom vTap (part of Keysight) | RSA Ready | Network TAP | Implementation Guide | ||||
| J4Care Healthcare Connector | N/A | j4carehcc | RSA | Syslog | Document | Log Collection | Implementation Guide |
| JBoss Application Server | 4.2, 5.0, 7.0 | jboss | RSA | File, Syslog | Application Servers | Log Collection | Implementation Guide |
| Jenkins | 1.58, 1.8.x, 2.x | jenkins | RSA | Syslog | Application Servers | Log Collection | Implementation Guide |
| Juniper Networks Intrusion Detection and Prevention (IDP) | 3.0, 3.1, 3.2, 4.0, 4.1, 5.0 | netscreenidp | RSA | Syslog, File | IDP | Log Collection | Implementation Guide |
| Juniper Networks JUNOS | 6.1, JUNOS 9.4, 9.6, 10.0, 10.3, 10.4, 11.1, 11.2, 11.4, 12.1, 17.x | junosrouter | RSA | Syslog | Router | Log Collection | Implementation Guide |
| Juniper Networks NetScreen Firewall | 5.1, 5.3, 5.4, 6.x | netscreen | RSA | Syslog | Firewall | Log Collection | Implementation Guide |
| Juniper Networks NetScreen ScreenOS | 5.1, 5.3, 5.4, 6.x | netscreen | RSA | Syslog | Firewall | Log Collection | Implementation Guide |
| Juniper Networks NetScreen-Security Manager | 2006, 2007, 2010, 2011, 2012 | nsm | RSA | Syslog, File | Configuration Management | Log Collection | Implementation Guide |
| Juniper Networks Unified Access Control | 2.2, 3.1, 4.5 | juniperic | RSA | Syslog | Access Control | Log Collection | Implementation Guide |
| Juniper Networks Wireless LAN Controller | 7.6.1 | juniperwlc | RSA | Syslog | Wireless Devices | Log Collection | Implementation Guide |
| Juniper Steel-Belted Radius | 5.4, 6.x | junipersbr | RSA | File | Access Control | Log Collection | Implementation Guide |
| Kaspersky Anti-Virus | Kaspersky Security Center 9.0, 10.x,11.x Kaspersky Administration Kit 8.0 Kaspersky Anti-Virus for Microsoft ISA Server 2004 Enterprise Edition and 2006 Enterprise Edition | kasperskyav | RSA | ODBC, File | Antivirus | Log Collection | Implementation Guide |
| Kaspersky CyberTrace (formerly Threat Feed Service) | RSA Ready | Threat Intel | Implementation Guide | ||||
| Kaspersky Threat Intelligence Portal | RSA Ready | Threat Intel | Implementation Guide | ||||
| Kernel Based Virtual Machine (KVM) | 2.6.32-220 | kvm | RSA | File | Virtualization | Log Collection | Implementation Guide |
| Lancope StealthWatch | 5.5, 5.6, 5.9, 5.10, 6.0 | stealthwatch | RSA | Syslog | IDS | Log Collection | Implementation Guide |
| LANDesk Management Suite | 9.0 Service Pack 2, 9.5 | landesk | RSA | ODBC | Configuration Management | Log Collection | Implementation Guide |
| Lieberman Enterprise Random Password Manager (ERPM) | 4.83.6 | liebsofterpmpe | RSA Ready | Syslog | Application Servers | Log Collection | Implementation Guide Source Package |
| Linux (CentOS) | 6 | rhlinux | RSA | Syslog | UNIX | Log Collection | Implementation Guide |
| Linux (Debian GNU) | 3.1, 4.0 | rhlinux | RSA | Syslog | UNIX | Log Collection | Implementation Guide |
| Linux (Novell SuSE) | 9, 10, 10.2, 11, 12.x | rhlinux | RSA | Syslog | UNIX | Log Collection | Implementation Guide |
| Linux (Red Hat/RHEL) | 3.x, 4.x, 5.x, 6.0, 7.x | rhlinux | RSA | Syslog | UNIX | Log Collection | Implementation Guide |
| LogRhythm Platform | RSA Ready | Other | Implementation Guide | ||||
| Lumension Endpoint Management and Security Suite | 7 | lumensionemss | RSA | ODBC | Configuration Management | Log Collection | Implementation Guide |
| M86 Secure Web Gateway (part of Trustwave) | 10.1, 10.2 | m86swgpe | RSA Ready | Syslog | Application Firewall | Log Collection | Implementation Guide Source Package |
| ManageEngine Netflow Analyzer | 8.0, 9.5 | manageenginenetflow | RSA | ODBC | Analysis | Log Collection | Implementation Guide |
| MapR Converged Data Platform (part of Hewlett Packard Enterprise) | RSA Ready | Other | Implementation Guide | ||||
| McAfee Data Loss Prevention Endpoint | 2.2, 3.0, 9.0, 9.1, 9.2, 9.3, 9.4.x, 10.x | mcafeedlp | RSA | ODBC | DLP | Log Collection | Implementation Guide |
| McAfee Database Security | 4.2, 5.x | mcafeeds | RSA | Syslog | Application Firewall | Log Collection | Implementation Guide |
| McAfee Email Gateway (formerly CipherTrust IronMail) | 5.5, 7.x | ironmail, cef | RSA | Syslog, SNMP | Antivirus | Log Collection | Implementation Guide |
| McAfee Endpoint Encryption | 5.2.2. 5.2.12 | mcafeeendpoint | RSA | File | Access Control | Log Collection | Implementation Guide |
| McAfee Endpoint Security | 10.x | epolicy | RSA | ODBC | Antivirus | Log Collection | Implementation Guide |
| McAfee ePolicy Orchestrator | 3.5, 3.6.0, 3.6.1, 4.0, 4.5, 4.6, 5.x | epolicy | RSA | ODBC | Antivirus | Log Collection | Implementation Guide |
| McAfee Firewall Enterprise | 6.1.1.x, 6.1.2.x, 7.0.0.x, 8.0, 8.x | sidewinder | RSA | Syslog | Firewall | Log Collection | Implementation Guide |
| McAfee Host Intrusion Prevention (aka Entercept) | 6.0.1 supported on McAfee ePolicy Orchestrator 3.6.0, 3.6.1 7.0, 8.0 supported on McAfee ePolicy Orchestrator 4.0 | entercept | RSA | ODBC | IDS | Log Collection | Implementation Guide |
| McAfee Integrity Control | 5.0.2, 5.1.0, 6.x | mcafeeic | RSA | ODBC | Configuration Management | Log Collection | Implementation Guide |
| McAfee Network Access Control | 3.1.1 | mcafeenac | RSA | ODBC | Access Control | Log Collection | Implementation Guide |
| McAfee Network Data Loss Prevention (Reconnex) | 8.6, 9.x | mcafeereconnex | RSA | ODBC, Syslog | DLP | Log Collection | Implementation Guide |
| McAfee Network Security Platform | 2.1, 3.1, 4.1, 5.1, 6.1, 7.1, 8.x, 9.x | intrushield | RSA | Syslog, ODBC (for version 5.1) | IDS | Log Collection | Implementation Guide |
| McAfee Policy Auditor | 5.2, 6.01, 6.2 | mcafeepa | RSA | ODBC | Configuration Management | Log Collection | Implementation Guide |
| McAfee Security for Microsoft Exchange | 8.x | mcafeesecurity | RSA | ODBC | Antivirus | Log Collection | Implementation Guide |
| McAfee VirusScan Enterprise | 8.x | mcafeevirusscan | RSA | ODBC | Antivirus | Log Collection | Implementation Guide |
| McAfee Vulnerability Manager | 5.0, 6.5.1, 6.8, 7.0, 7.5 | mcafeefoundscan | RSA | ODBC | IDS | Log Collection | Implementation Guide |
| McAfee Web Gateway | 6.8.5, 7.x, 8.x | mcafeewg | RSA | File, Syslog | Web Logs | Log Collection | Implementation Guide |
| McKesson Horizon Patient Folder | 15 | mckessonhpf | RSA | ODBC | Document | Log Collection | Implementation Guide |
| Microdasys XML Security Gateway | 1.1.0 | microdasys_xsg | RSA | File | Application Firewall | Log Collection | Implementation Guide |
| Microsoft Audit Collection Services | 2007 SP1 | msacs | RSA | ODBC | Windows Hosts | Log Collection | Implementation Guide |
| Microsoft Azure Graph API | API v1.0 | azure | RSA Ready | Plugin | Cloud | Log Collection | Implementation Guide |
| Microsoft Azure: Admin Logs, Azure AD Audit/Sign-in (via native API) | All | cef | RSA Ready | Plugin | Cloud | Log Collection | Implementation Guide |
| Microsoft Azure: Admin Logs, Azure AD Audit/Sign-in (via Event Hub) | All | cef | RSA | Plugin | Cloud | Log Collection | Implementation Guide Product Manager Blog |
| Microsoft Azure NSG | All | cef | RSA Ready | Plugin | Cloud | Log Collection | Implementation Guide Product Manager Blog |
| Microsoft Azure Monitor | API v1.0 | cef, azure | RSA | Plugin | Cloud | Log Collection | Implementation Guide |
| Microsoft Azure Security Alerts | API v1.0 | cef | RSA | Plugin | Cloud | Log Collection | Implementation Guide |
| Microsoft DHCP Server | 2000, 2003, 2008, 2012, 2019 | msdhcp | RSA | File | Application Servers | Log Collection | Implementation Guide | Source Package |
| Microsoft Exchange Server | 2003, 2007, 2010, 2013, 2016 | msexchange | RSA | File, Windows | Mail Servers | Log Collection | Implementation Guide |
| Microsoft Forefront Endpoint Protection | Forefront Client Security 1.1, 1.5 Forefront Endpoint Protection 2010 System Center 2012 Endpoint Protection | msforefrontcs | RSA | Windows, ODBC (for Forefront Client Security only) | Antivirus | Log Collection | Implementation Guide |
| Microsoft Forefront Threat Management Gateway | Beta, ISA 2006, TMG 2010 | msisa | RSA | File, ODBC | Firewall | Log Collection | Implementation Guide |
| Microsoft Forefront Unified Access Gateway | 2010 | msfuag | RSA | Syslog, ODBC | VPN | Log Collection | Implementation Guide |
| Microsoft Internet Information Services (IIS) | 5.x, 6.x, 7.x, 8.x, 10.x | microsoftiis | RSA | File | Web Logs | Log Collection | Implementation Guide |
| Microsoft Internet Security and Acceleration (ISA) Server | 2000, 2004, 2006 | msisa | RSA | File, Windows | Web Logs | Log Collection | Implementation Guide |
| Microsoft Network Access Protection | 1.1 | msnap | RSA | ODBC | Access Control | Log Collection | Implementation Guide |
| Microsoft Network Policy Server (NPS) | 3.2, 4.0 | msias | RSA | File, Windows | Access Control | Log Collection | Implementation Guide |
| Microsoft Office 365 | API v1.0 | msoffice365/cef | RSA | Plugin | Cloud | Log Collection | Implementation Guide Product Manager Blog |
| Microsoft SharePoint Server | 2007, 2010, 2013, 2016 | mssharepoint | RSA | Windows | Storage | Log Collection | Implementation Guide |
| Microsoft SQL Server | 2000, 2005, 2008, 2012, 2014, 2016, 2019, and MS SQL Express | mssql | RSA | ODBC, File, Windows | Database | Log Collection | |
| Microsoft System Center Configuration Manager | 2007, 2012 | mssccm | RSA | Windows | Configuration Management | Log Collection | Implementation Guide |
| Microsoft System Center Operations Manager | 2005, 2007, 2012, 2012 R2 | mom | RSA | Windows | Configuration Management | Log Collection | Implementation Guide |
| Microsoft Team Foundation Server (TFS) | Microsoft TFS 2018 | mstfs | RSA | ODBC | CMS | Log Collection | Implementation Guide |
| Microsoft URL Scan | 3.x | msurlscan | RSA | File | Web Logs | Log Collection | Implementation Guide |
| Microsoft Windows (Legacy) | Microsoft Windows Server versions 2003 and earlier | winevent_nic | RSA | Windows Legacy | Windows Hosts | Log Collection | Implementation Guide |
| Microsoft Windows (via WinRM) | Server 2008, 2008 R2, 2012, 2012 R2 Data Center Edition, 2016, 2019 | Windows 7, 8 and 10 | winevent_nic | RSA | Windows | Windows Hosts | Log Collection | Implementation Guide |
| Microsoft Windows (via Adiscon Event Reporter, Intersect Alliance SNARE) | NT | 2000 | XP | 2003 | Vista Business, Ultimate and Enterprise | Server 2008, 2008 Enterprise with Hyper-V | Server 2008 R2 Standard, Enterprise, and Datacenter | Web Server 2008 R2 | Windows 7 Professional, Ultimate, and Enterprise | Server 2012 | Server 2016 | Server 2019 | Windows 8 and 10 | winevent_er, winevent_snare | RSA | Syslog | Windows Hosts | Log Collection | Implementation Guide |
| Microsoft Windows (via RSA NetWitness Endpoint) | Windows 7, 8, 8.1, 10 | Windows Server 2008, 2012, 2016, 2019 | windows | RSA | Syslog (via Agent) | Windows Hosts | Log Collection | Implementation Guide | Blog Post |
| Microsoft Windows DNS | 2008, 2012, 2016, 2019 | winevent_snare, winevent_er, winevent_nic | RSA | Syslog, File | Windows Hosts | Log Collection | Implementation Guide |
| Microsoft Windows Server Update Service | 3.0 SP 2 | mswsus | RSA | ODBC | Configuration Management | Log Collection | Implementation Guide |
| Morphisec Endpoint Threat Prevention | 2.7 | cef | RSA Ready | Syslog | Analysis | Log Collection | Implementation Guide |
| Motorola AirDefense Enterprise Console | 7.2, 7.3, 8.1, 9.0 | airdefense | RSA | Syslog | Wireless Devices | Log Collection | Implementation Guide |
| nCircle Configuration Compliance Manager | 5.1 | ncircleccm | RSA | Syslog | Configuration Management | Log Collection | Implementation Guide |
| NetApp Data ONTAP | 6.x, 7.0-7.3.1.1, 8.x, 9.x | netapp | RSA | Syslog, Windows Legacy | Storage | Log Collection | Implementation Guide |
| NETASQ Unified Manager | 8.1.3, 9.0.2, 9.0.3.2 | netasqutm | RSA | Syslog | Firewall | Log Collection | Implementation Guide |
| NetClarity NACwall | 8.0.6 | netclaritype | RSA Ready | Syslog | Access Control | Log Collection | Implementation Guide Source Package |
| Netflow | 5, 9 | cef, rsaflow | RSA | Netflow | Analysis | Log Collection | Implementation Guide |
| Netskope | API v1.0 | cef | RSA Ready | Plugin | Cloud | Log Collection | Implementation Guide |
| Network Critical SmartNAx Series | RSA Ready | Network TAP | Implementation Guide | ||||
| NFDump | netflow v5, v7, v9NFDump v1.5.7, 1.6.x | nfdump | RSA Ready | File | System | Log Collection | Implementation Guide | Source Package |
| NFR NIDS | 3.x, 4.x, 5.x | nfrnids | RSA | Syslog | IDS | Log Collection | Implementation Guide |
| Nominum Vantio (part of Akamai) | 5.2 | nominumvantiope | RSA Ready | Syslog | Application Servers | Log Collection | Implementation Guide Source Package |
| Novell eDirectory | 8.8 for Windows and Linux | edirectory | RSA | SNMP | Router | Log Collection | Implementation Guide |
| NXLog | Enterprise Edition | cef | RSA Ready | Syslog | Access Control | Log Collection | Implementation Guide |
| Proofpoint ObserveIT User Activity Monitoring | 7.1.0 | cef | RSA Ready | Syslog | Access Control | Log Collection | Implementation Guide |
|
OpenText Documentum (formerly EMC Documentum) |
6.5, 6.7, 7.0, 7.1 | emcdocumentum | RSA | ODBC | Database | Log Collection | Implementation Guide |
| OPSWAT MetaDefender | 3.10 | RSA Ready | REST | Endpoint | Log Collection | Implementation Guide | |
| Oracle Access Manager | 10.1.4.0.3,11g R2 | oracleam | RSA | File,ODBC (for v11g R2) | Access Control | Log Collection | Implementation Guide |
| Oracle Audit Vault | 10.3, 12.x, 20.3 | oracleav | RSA | ODBC | Database | Log Collection | Implementation Guide |
| Oracle Database | 8i, 9i, 10g, 11g, 11.2g, 12c (Mixed mode auditing and Unified auditing on Windows), 18c (Unified auditing on Unix and Windows), 19c (Unified auditing on Unix and Windows). | oracle | RSA | Syslog, ODBC, File | Database | Log Collection | Implementation Guide |
| Oracle Database Vault | 10g R2 | oracledv | RSA | ODBC | Access Control | Log Collection | Implementation Guide |
| Oracle Directory Server / Sun ONE | 11.1.1.7.1 | sunoneldap | RSA | File | Access Control | Log Collection | Implementation Guide |
| Oracle Identity Manager | 9.1 | oracleim | RSA | ODBC | Access Control | Log Collection | Implementation Guide |
| Oracle Internet Directory | 10.x | oracleid | RSA | ODBC | Access Control | Log Collection | Implementation Guide |
| Oracle iPlanet Web Server | 6.1, 7.0 | oracleiplanetweb | RSA | File | Web Logs | Log Collection | Implementation Guide |
| Oracle MySQL Enterprise | 5.x | mysql | RSA | SNMP | Database | Log Collection | Implementation Guide |
| Oracle Solaris (formerly Sun Solaris) | 8, 9, 10, 11.x | solaris | RSA | Syslog | UNIX | Log Collection | Implementation Guide |
| Oracle Solaris Basic Security Model (BSM) | 8, 9, 10, 11 | solarisbsm | RSA | Syslog, File | UNIX | Log Collection | Implementation Guide |
| Oracle WebLogic Server | 10.0, 10.3, 10.3.2, 10.3.5, 10.3.6, 12.x | oracleweblogic | RSA | File | Application Servers | Log Collection | Implementation Guide |
| Palo Alto Enterprise Firewall | PAN OS versions 3.0, 4.0.7, 5.0, 6.0, 6.1, 6.1.x, 7.0, 7.1, 8.x, 9.x | paloaltonetworks | RSA | Syslog | Firewall | Log Collection | Implementation Guide |
| Palo Alto Enterprise Firewall | RSA | SSL Decrypt | Implementation Guide | ||||
| Palo Alto Panorama Management Server | 4.1.0, 5.1.4, 7.1, 8.x | paloaltonetworks | RSA | Syslog | Firewall | Log Collection | Implementation Guide |
| Palo Alto Prisma Cloud |
21.x | prismacloud_audit | RSA | Syslog | Cloud | Log Collection | Implementation Guide |
| PAS Global ICS | 5.5 | pasics | RSA Ready | File | ICS | Log Collection | Implementation Guide Source Package |
| Picus | APIv1.0 | RSA Ready | Implementation Guide | ||||
| Splunk Phantom RSA NetWitness Logs & Network App | RSA Ready | Orchestration & Automation | Implementation Guide | ||||
| Splunk Phantom RSA Security Analytics App | RSA Ready | Orchestration & Automation | Implementation Guide | ||||
| Pivotal HD | RSA Ready | Other | Implementation Guide | ||||
| PostgreSQL | 8.4, 9.x | postgresql | RSA | Syslog | Database | Log Collection | Implementation Guide |
| Progress WhatsUp Gold | 14.2 | whatsupgold | RSA | ODBC | Configuration Management | Log Collection | Implementation Guide |
| Preempt Security Behavioral Firewall | 2.2 | cef | RSA Ready | Syslog | Analysis | Log Collection | Implementation Guide |
| Proofpoint Email Security | 6.3, 7.2, 7.5, 8.x | proofpoint | RSA | Syslog | Application Firewall | Log Collection | Implementation Guide |
| Proofpoint Targeted Attack Protection | API v1.0 | proofpoint | RSA | Plugin | Cloud | Log Collection | Implementation Guide |
| Pulse Connect Secure (formerly Juniper SSL VPN) | 5.4, 5.5, 6.0, 6.2 R2, 6.5 R2, 7.0 R2, 7.1 R5, 7.2 R1, 8.0, 8.0 R7.1, 8.x, and 9.x | junipervpn | RSA | Syslog | VPN | Log Collection | Implementation Guide |
| Qualys Vulnerability Management | API V2.0 | cef | RSA | Plugin | Cloud | Log Collection | Implementation Guide |
| Radiator Radius Server | 4.x | radiator | RSA | File | Access Control | Log Collection | Implementation Guide |
| Radiflow iSID | N/A | cef | RSA Ready | Syslog | ICS | Log Collection | Implementation Guide |
| Radware AppWall | 5.6 | radwarepe | RSA Ready | Syslog | Application Firewall | Log Collection | Implementation Guide Source Package |
| Radware DefensePro | 5.01.02, 6.05, 8.x | radwaredp | RSA | Syslog, SNMP | IPS | Log Collection | Implementation Guide |
| Rapid7 NeXpose | 4.8, 5.0, 5.2, 5.10, 6.x | nexpose | RSA | File | Vulnerability | Log Collection | Implementation Guide | Source Implementation |
| Raz-Lee iSecurity for IBM iSeries | 11.4 | cef | RSA Ready | Syslog | Application Firewall | Log Collection | Implementation Guide |
| Recorded Future Cyber Threat Intelligence | RSA Ready | Threat Intel | Implementation Guide | ||||
| Riverbed Cascade Profiler (formerly known as mazu Profiler) | 5.5.2, 6.0, 7.0, 9.5.1 | mazuprofiler | RSA | SNMP | IPS | Log Collection | Implementation Guide |
| Riverbed Steelhead | 7.0.2, 9.x | riverbedsteelhead | RSA | Syslog, SNMP | Router | Log Collection | Implementation Guide |
| RSA Access Manager | 6.0, 6.2 on Solaris, Windows, and Linux | rsaaccessmgr | RSA | File | Access Control | Log Collection | Implementation Guide |
| RSA Adaptive Authentication (Hosted) | 8.8, 8.9, 9.0, 9.1 | rsaaah | RSA | File | Access Control | Log Collection | Implementation Guide |
| RSA Adaptive Authentication (OnPrem) | 6.0.2.1 | rsaaaop | RSA | Syslog | Access Control | Log Collection | Implementation Guide |
| RSA Archer Suite | 5.1, 5.5.1, 6.x | rsaarcher | RSA | ODBC | Application Servers | Log Collection | Implementation Guide |
| RSA Certificate Manager | 6.8 | rsacm | RSA | File | Access Control | Log Collection | Implementation Guide | Source Package |
| RSA Data Loss Prevention Suite | 7.0.0, 8.0, 8.0 SP1, 8.5, 8.8, 9.x | rsadlp | RSA | Syslog | DLP | Log Collection | Implementation Guide |
| RSA Data Protection Manager (formerly RSA Key Manager) | 2.1.3, 2.5, 2.7, 3.1 | rsakeymanager | RSA | Syslog | Access Control | Log Collection | Implementation Guide |
| RSA Federated Identity Manager | 4.1 | rsafim | RSA | File | Access Control | Log Collection | Implementation Guide |
| RSA Identity Governance & Lifecycle | 6.5.1, 6.9 | rsaaveksa | RSA | ODBC | Access Control | Log Collection | Implementation Guide |
| RSA NetWitness Endpoint (formerly ECAT) | 3.4, 4.x | rsaecat | RSA | Syslog | Antivirus | Log Collection | Implementation Guide |
| RSA NetWitness Platform (formerly RSA NetWitness Suite) | 10.5, 10.6 | cef | RSA | Syslog | Analysis | Log Collection | Implementation Guide |
| RSA NetWitness Platform Malware Analysis | 1.0.5.0 | netwitnessspectrum, cef | RSA | Syslog | Antivirus | Log Collection | Implementation Guide |
| RSA SecurID Access Authentication Mgr | 8.x | rsaacesrv | RSA | Syslog | Access Control | Log Collection | Implementation Guide |
| RSA SecurID Access Identity Router (formerly Via Access) | All latest versions | rsaviaaccess | RSA | Syslog | Access Control | Log Collection | Implementation Guide |
| RSA SecurID Access Cloud Authentication Service | All latest versions | cef (v11.4.x), rsasecuridaccess (v11.5 and beyond) | RSA | Plugin | Access Control | Log Collection | Implementation Guide |
| RSA Web Threat Detection (formerly Silver Tail System Forensics and Mitigator) |
Forensics 1.x, 2.x, and 3.x Mitigator 1.x, 2.x and 3.x Web Threat Detection 4.6, 5.0, 5.0.2 |
silvertailforensics | RSA | Syslog | Analysis | Log Collection | Implementation Guide |
| SafeBreach | N/A | N/A | RSA Ready | N/A | N/A | Log Collection | Implementation Guide |
| Safend Protector | 3.x | safendprotector | RSA | Syslog | Configuration Management | Log Collection | Implementation Guide |
| SafeNet Hardware Security Module | 6.2.0, 8.x | safenethsm | RSA | Syslog | Access Control | Log Collection | Implementation Guide |
| Safestone DetectIT | 14.3 | detectit | RSA | Syslog | Analysis | Log Collection | Implementation Guide |
| Salesforce | API v1.0 | cef | RSA | Plugin | Cloud | Log Collection | Implementation Guide |
| SAP ERP Central Component | 4.6 through 7.x | sap | RSA | File | Application Servers | Log Collection | Implementation Guide | Source Package |
| Secdo Platform | RSA Ready | Other | Implementation Guide | ||||
| SECUDE Halocore | Halocore v3.8/ BI Launchpad 4.1 minimum SP2 | cef | RSA Ready | Syslog | Document | Log Collection | Implementation Guide |
| SECUDE Security Intelligence | 1 | secudesi | RSA | File | Analysis | Log Collection | Implementation Guide |
| Securaa | APIv1.0 | RSA Ready | Implementation Guide | ||||
| Securonix SNYPR | 6.0 | cef | RSA Ready | Syslog | Analysis | Log Collection | Implementation Guide |
| Sendmail |
Sendmail : 8.x Solaris: 8, 9, 10, 11.x Red Hat Enterprise Linux : 3.x, 4.x, 5.x, 6.0, 7.0 |
rhlinux, solaris | RSA | Syslog | UNIX | Log Collection | Implementation Guide |
| Senrio Insight | 1.0 | cef | RSA Ready | Syslog | Analysis | Log Collection | Implementation Guide |
| Sentryo ICS CyberVision (part of Cisco Systems) | 2.0.3 | cef | RSA Ready | Syslog | Analysis | Log Collection | Implementation Guide |
| ServiceNow ITSM | RSA Ready | Other | Implementation Guide | ||||
| Siemplify ThreatNexus | 2.5 | RSA Ready | Orchestration & Automation | Implementation Guide | |||
| Silver Peak WAN | 5.1.1.0 | silverpeakwan | RSA | Syslog | Router | Log Collection | Implementation Guide |
| SkyFormation | 2.2.4 | cef | RSA Ready | Syslog | Analysis | Log Collection | Implementation Guide |
| SkyHigh Networks Enterprise Connector | 3.3.3 | cef | RSA Ready | Syslog | Analysis | Log Collection | Implementation Guide |
| Slack | RSA Ready | Other | Implementation Guide | ||||
| Solarwinds IPAM | 4.x | solarwindsipam | RSA | Syslog | Configuration Management | Log Collection | Implementation Guide |
| Soltra Edge | RSA Ready | Threat Intel | Implementation Guide | ||||
| SonicWALL Firewall | SonicOS 5.8 and SonicOS Enhanced 6.x | sonicwall | RSA | Syslog | Firewall | Log Collection | Implementation Guide |
| SonicWall E-Class SRA / Aventail SSL VPN | 8.8, 9.0, 10.x | aventail | RSA | Syslog, File | VPN | Log Collection | Implementation Guide |
| SonicWALL Email Security | 7.2 | sonicwallemail | RSA | Syslog | VPN | Log Collection | Implementation Guide |
| SonicWALL Global Management System | 6 | sonicwallgms | RSA | ODBC | Configuration Management | Log Collection | Implementation Guide |
| Sophos Enterprise Console | 3.0, 4.5, 4.7, 5.x | sophos | RSA | ODBC,SNMP | Antivirus | Log Collection | Implementation Guide |
| Sophos UTM (formerly Astaro SG) | 9.x, 17.x | astarosg | RSA | Syslog | Firewall | Log Collection | Implementation Guide | Solution Brief | Solution Data Sheet |
| Splunk | RSA | Other | Implementation Guide | ||||
| Squid | 2.5.9, 2.7, 3.x | squid | RSA | File | Web Logs | Log Collection | Implementation Guide |
| SSH Communications Security CryptoAuditor | RSA Ready | SSL Decrypt | Implementation Guide | ||||
| STEALTHbits StealthINTERCEPT | 3.3 | stealthinterceptpe | RSA Ready | Syslog | Access Control | Log Collection | Implementation Guide Source Package |
| Stonesoft StoneGate Management Center (part of Forcepoint LLC.) | 5.3 | stonesoftsgpe | RSA Ready | Syslog | Firewall | Log Collection | Implementation Guide Source Package |
| Swimlane | RSA Ready | Orchestration & Automation | Implementation Guide | ||||
| Sybase ASE | 15.x | sybasease | RSA | ODBC | Database | Log Collection | Implementation Guide |
| Symantec Brightmail (part of Broadcom Inc.) | 9.5.3 | symantecbrightmail | RSA | Syslog | Application Firewall | Log Collection | Implementation Guide |
| Symantec Critical Systems Protection (part of Broadcom Inc.) | 5.2.4, 5.2.8, 5.2.9 | symanteccsp | RSA | ODBC, SNMP | IPS | Log Collection | Implementation Guide |
| Symantec DeepSight Intelligence (part of Broadcom Inc.) | RSA Ready | Threat Intel | Implementation Guide | ||||
| Symantec DLP (part of Broadcom Inc.) | 10.5.1, 11, 12.x, 14.x, 15.x | symantecdlp | RSA | Syslog | DLP | Log Collection | Implementation Guide |
| Symantec Endpoint Protection (part of Broadcom Inc.) | 9.0, 10.0, 10.1, 10.2, 11, 11.0.5, 11.0.6, 12, 14, 15 (Syslog only) | symantecav | RSA | Sylog, ODBC, SNMP | Antivirus | Log Collection | Implementation Guide |
| Symantec Web Security Services (part of Broadcom Inc.) | API v1.0 | symantec_wss | RSA | Plugin | Host.Cloud | Log Collection | Implementation Guide |
| Syncurity IR Flow | RSA Ready | Orchestration & Automation | Implementation Guide | ||||
| Tenable Nessus | NessusClient 1.0.2 Nessus 3.0.6, 4.0.1, 4.2, 4.4, 5.0, 7.x, 8.x | nessusvs | RSA | File | Vulnerability | Log Collection | |
| ThreatConnect Threat Intelligence Platform | RSA Ready | Threat Intel | Implementation Guide | ||||
| ThreatQuotient Threat Intelligence Platform | RSA Ready | Threat Intel | Implementation Guide | ||||
| Trend Micro Deep Security | 7.0, 7.5, 8.0, 9.x,10.x, 11.x, 12.x | trendmicrods | RSA | Syslog | Application Firewall | Log Collection | Implementation Guide |
| Trend Micro Deep Security Agent | 7.0, 7.5, 9.x, 10.x | trendmicrodsa | RSA | Syslog | Application Firewall | Log Collection | Implementation Guide |
| Trend Micro Deep Discovery Analyser | 6.x | cef | RSA | Syslog | Advanced Threat Detection | Log Collection | Implementation Guide |
| Trend Micro InterScan Messaging Security Suite | 7.1, 9.1 | trendmicroimss | RSA | File, SNMP (for 7.1)Syslog (for 9.1) | Application Firewall | Log Collection | Implementation Guide |
| Trend Micro InterScan Web Security | 3.1, 5.6, 6.x | trendmicroiwss | RSA | File,ODBC (3.1 only), Syslog (5.6, 6.x) | Web Logs | Log Collection | Implementation Guide |
| Trend Micro OfficeScan / Control Manager | 7.0, 8.0, 10.0, 10.5, 10.6, 11.x | trendmicro | RSA | Syslog, SNMP | Antivirus | Log Collection | Implementation Guide |
| Trend Micro OSSEC | 2.5.1, 2.6 | trendmicroossec | RSA | Syslog | Intrusion | Log Collection | Implementation Guide |
| Trend Micro TippingPoint (formerly HP TippingPoint) | 2.x, 3 . x, 4.x, 5.x | tippingpoint | RSA | Syslog | IDS | Log Collection | Implementation Guide |
| Trend Micro ScanMail | ScanMail 8.0 Service Pack 1, 10.2, 14.x | trendmicroscanmail, cef | RSA | SNMP | Application Firewall | Log Collection | Implementation Guide |
| Trend Micro Server Protect | 5.8 | trendmicrosp | RSA | SNMP | Antivirus | Log Collection | Implementation Guide |
| Tripwire Enterprise | 5.4, 5.5, 7.x, 8.x | tripwire | RSA | Syslog,File | Configuration Management | Log Collection | Implementation Guide |
| Tufin SecureTrack | 12.2, 20.1 | tufinsecuretrack | RSA | Syslog | Configuration Management | Log Collection | Implementation Guide |
| UnboundID Identity Data Store | 4.5.1.1 | unboundidids | RSA | Syslog | Access Control | Log Collection | Implementation Guide |
| Universal REST API | API v1.0 | o365_trace, proofpoint | RSA | Plugin | Cloud | Log Collection | Implementation Guide |
| Varonis DatAdvantage | 5.5, 5.9, (6.x for Syslog only) | varonisprobe | RSA | ODBC for 5.5Syslog for 5.9 | Access Control | Log Collection | Implementation Guide |
| FireEye Mandiant Security Validation (formerly Verodin) | RSA Ready | Other | Implementation Guide | ||||
| VMware AppDefense | API v1.0 | cef | RSA | Plugin | Cloud | Log Collection | Implementation Guide |
| VMware Workspace ONE UEM | 1904 & above | vmwareworkspaceone | RSA | Syslog | Configuration Management | Log Collection | Implementation Guide |
| VMware ESX / ESXi | ESX: 3.0.3, 3.5, 4.0, 4.1ESXi: 3.5, 4.0, 4.1, 5.0, 5.1, 5.5, 6.xEmbedded ESXi: 3.5, 4.0 | vmware_esx_esxi | RSA | VMware Collector | Virtualization | Log Collection | Implementation Guide |
| VMware NSX | 6.x | vmware_nsx | RSA | Syslog | Virtualization | Log Collection | Implementation Guide |
| VMware Orchestrator | 5.5 | vmware_vco | RSA | ODBC | Virtualization | Log Collection | Implementation Guide |
| VMware vCenter Server | VirtualCenter Server: 2.0.2, 2.5vCenter Server: 4.1, 5.0, 5.1, 5.5, 6.x | vmware_vc | RSA | VMware Collector | Virtualization | Log Collection | Implementation Guide |
| VMware vCloud Director | 1 | vmware_vcloud | RSA | Syslog | Configuration Management | Log Collection | Implementation Guide |
| VMware View | 3.1, 4.0, 4.5, 4.6, 5.0, 5.1, 5.2, 5.3, 6.0, 7.x | vmware_view | RSA | File, ODBC, Syslog | Virtualization | Log Collection | Implementation Guide |
| VMware vRealize Automation | 6.0.1, 6.2 | vmware_vcac | RSA | ODBC | Virtualization | Log Collection | Implementation Guide |
| VMware vRealize Operations Manager | 5.8.2, 6.0 | vmware_vcops | RSA | SNMP, Syslog | Virtualization | Log Collection | Implementation Guide |
| VMware vShield and vShield Manager | 4.1, 5.0, 5.1.4 | vmware_vshield | RSA | Syslog | Firewall | Log Collection | Implementation Guide |
| Voltage SecureData | 5.x, 6.x | voltagesecuredata | RSA | Syslog | DLP | Log Collection | Implementation Guide |
| Vorstack Automation and Collaboration Platform ACP | 5.1 | RSA Ready | Orchestration & Automation | Implementation Guide | |||
| VSS Monitoring | 2.3 | vssmonitoring | RSA | SNMP | System | Log Collection | Implementation Guide |
| X15 Enterprise | RSA Ready | Other | Implementation Guide | ||||
| Zscaler NSS | 4.1M | zscalernss | RSA | Syslog | Web Logs | Log Collection | Implementation Guide |
| IOTech Edge XPERT | IoT | ||||||
| SmartHub INFER | IoT | ||||||
| Technotects EdgeX | IoT | ||||||
| Technotects EdgeSmart | IoT | ||||||
| Websym FaktoryWize | IoT | ||||||
| Websym Tezeva | IoT |
Helpful Links
Featured Integrations
