Supported Log Sources

TeskLabs Logman.io supports a variety of different technologies, which we have listed below.

Formats

Syslog RFC 5424 (IEFT)
Syslog RFC 3164 (BSD)
Syslog RFC 3195 (BEEP profile)
Syslog RFC 6587 (Frames over TCP)
Windows Event Log
SNMP
ArcSight CEF
LEEF
JSON
XML
YAML
Avro
Custom log format

And many more.

Vendors and Products

Cisco

Cisco Firepower Threat Defense (FTD)
Cisco Adaptive Security Appliance (ASA)
Cisco Identity Services Engine (ISE)
Cisco Meraki (MX, MS, MR devices)
Cisco Catalyst Switches
Cisco IOS
Cisco WLC
Cisco ACS
Cisco SMB
Cisco UCS
Cisco IronPort
Cisco Nexus
Cisco Routers
Cisco VPN
Cisco Umbrella

Palo Alto Networks

Palo Alto Next-Generation Firewalls
Palo Alto Panorama (Centralized Management)
Palo Alto Traps (Endpoint Protection)

Fortinet

FortiGate (Next-Generation Firewalls)
FortiSwitch (Switches)
FortiAnalyzer (Log Analytics)
FortiMail (Email Security)
FortiWeb (Web Application Firewall)
FortiADC
FortiDDos
FortiSandbox

Juniper Networks

Juniper SRX Series (Firewalls)
Juniper MX Series (Routers)
Juniper EX Series (Switches)

Check Point Software Technologies

Check Point Security Gateways
Check Point SandBlast (Threat Prevention)
Check Point CloudGuard (Cloud Security)

Microsoft

Microsoft Windows (Operating System)
Microsoft Azure (Cloud Platform)
Microsoft SQL Server (Database)
Microsoft IIS (Web Server)
Microsoft Office 365
Microsoft Exchange
Microsoft Sharepoint

Linux

Ubuntu (Distribution)
CentOS (Distribution)
Debian (Distribution)
Red Hat Enterprise Linux (Distribution)
IPTables
nftables
Bash
Cron
Kernel (dmesg)

Oracle

Oracle Database
Oracle WebLogic Server (Application Server)

Amazon Web Services (AWS)

Amazon EC2 (Virtual Servers)
Amazon RDS (Database Service)
AWS Lambda (Serverless Computing)
Amazon S3 (Storage Service)

VMware

VMware ESXi (Hypervisor)
VMware vCenter Server (Management Platform)

F5 Networks

F5 BIG-IP (Application Delivery Controllers)
F5 Advanced Web Application Firewall (WAF)

Barracuda Networks

Barracuda CloudGen Firewall
Barracuda Web Application Firewall
Barracuda Email Security Gateway

Sophos

Sophos XG Firewall
Sophos UTM (Unified Threat Management)
Sophos Intercept X (Endpoint Protection)

Aruba Networks (HPE)

Aruba Switches
Aruba Wireless Access Points
Aruba ClearPass (Network Access Control)
Aruba Mobility Controller

HPE

iLO
IMC
HPE StoreOnce
HPE Primera Storage
HPE 3PAR StoreServ

Trend Micro

Trend Micro Deep Security
Trend Micro Deep Discovery
Trend Micro TippingPoint (Intrusion Prevention System)
Trend Micro Endpoint Protection Manager
Trend Micro Apex One

Zscaler

Zscaler Internet Access (Secure Web Gateway)
Zscaler Private Access (Remote Access)

Akamai

Akamai (Content Delivery Network and Security)
Akamai Kona Site Defender (Web Application Firewall)
Akamai Web Application Protector

Imperva

Imperva Web Application Firewall (WAF)
Imperva Database Security (Database Monitoring)

SonicWall

SonicWall Next-Generation Firewalls
SonicWall Email Security
SonicWall Secure Mobile Access

WatchGuard Technologies

WatchGuard Firebox (Firewalls)
WatchGuard XTM (Unified Threat Management)
WatchGuard Dimension (Network Security Visibility)

Apple

macOS (Operating System)

Apache

Apache Cassandra (Database)
Apache HTTP Server
Apache Kafka
Apache Tomcat
Apache Zookeeper

NGINX

NGINX (Web Server and Reverse Proxy Server)

Docker

Docker (Container Platform)

Kubernetes

Kubernetes (Container Orchestration)

Atlassian

Jira (Issue and Project Tracking)
Confluence (Collaboration Software)
Bitbucket (Code Collaboration and Version Control)

Cloudflare

Cloudflare (Content Delivery Network and Security)

SAP

SAP HANA (Database)

Balabit

syslog-ng

Open-source

PostgreSQL (Database)
MySQL (Database)
OpenSSH (Remote access)
Dropbear SSH (Remote access)
Jenkins (Continuous Integration and Continuous Delivery)
rsyslog
GenieACS
Haproxy
spamassasin
FreeRadius
Bind
DHCP
Postfix
Squid Cache
Zabbix
FileZilla

IBM

IBM Db2 (Database)
IBM AIX (Operating System)
IBM i (Operating System)

Brocade

Brocade Switches

Google

Google Cloud
Pub/Sub & BigQuery

Elastic

ElasticSearch

Citrix

Citrix Virtual Apps and Desktops (Virtualization)
Citrix Hypervisor (Virtualization)
Citrix ADC, NetScaler
Citrix Gateway (Remote access)
Citrix SD-WAN
Citrix Endpoint Management (MDM, MAM)

Dell

Dell EMC Isilon (network-attached storage)
Dell PowerConnect Switches
Dell W-Series (Access points)
Dell iDRAC
Dell Force10 Switches

FlowMon

Flowmon Collector
Flowmon Probe
Flowmon ADS
Flowmon FPI
Flowmon APM

GreyCortex

GreyCortex Mendel

Huawei

Huawei Routers
Huawei Switches
Huawei Unified Security Gateway (USG)

Synology

Synology NAS
Synology SAN
Synology NVR
Synology Wi-Fi routers

Ubiquity

UniFi

Avast

Avast Antivirus

Kaspersky

Kaspesky Endpoint Security
Kaspesky Security Center

Kerio

Kerio Connect
Kerio Control
Kerio Clear Web

Symantec

Symantec Endpoint Protection Manager
Symantec Messaging Gateway

ESET

ESET Antivirus
ESET Remote Administrator

AVG

AVG Antivirus

Extreme Networks

ExtremeXOS

IceWarp

IceWarp Mail Server

Mikrotik

Mikrotic Routers
Mikrotik Switches

Pulse Secure

Pulse Connect Secure SSL VPN

QNAP

QNAP NAS

Safetica

Safetica DLP

Veeam

Veeam Backup and Restore

SuperMicro

IPMI

Mongo

MongoDB

YSoft

SafeQ

Bitdefender

Bitdefender GravityZone
Bitdefender Network Traffic Security Analytics (NTSA)
Bitdefender Advanced Threat Intelligence

This list is not exhaustive, as there are many other vendors and products that can send logs to TeskaLabs LogMan.io using standard protocols such as Syslog. Please contact us if you seek for a specific technology to be integrated.

SQL log extraction

TeskaLabs LogMan.io can extract logs from various SQL databases using ODBC (Open Database Connectivity).

Among supported databases are:

PostgreSQL
Oracle Database
IBM Db2
MySQL
SQLite
MariaDB
SAP HANA
Sybase ASE
Informix
Teradata
Amazon RDS (Relational Database Service)
Google Cloud SQL
Azure SQL Database
Snowflake