Supported Devices/Products Matrix
Data ingestion
The following matrix shows the products currently supported by Fluency SIEM, along with the type of data ingress/integration.
| Vendor | Product | API | Https (HEC) | Syslog | Misc | Date Updated |
|---|---|---|---|---|---|---|
| Acronis | Cyber Protect Cloud | Y* | 2023-Jul | |||
| Avatier | AIMS | Y | ||||
| Avanan | Email Security | * via AWS-S3 | ||||
| AWS | CloudTrail | Y | ||||
| CloudWatch Logs | Y | |||||
| CloudWatch Metrics | * | PureCloudOps | ||||
| Barracuda | Firewall | Y | ||||
| Bitdefender | GravityZone | Y* | ||||
| BlackBerry | CylancePROTECT | Y | 2023-Jul | |||
| Broadcom | Symantec EPC | Y | ||||
| Cisco | ASA | Y | ||||
| AMP | Y | |||||
| Defense Orch. (CDO) | Y* | |||||
| ISE | Y | |||||
| FTD (Firepower) | Y | |||||
| Meraki | Y* | Y | ||||
| Umbrella(OpenDNS) | Cisco-managed S3 | |||||
| Citrix | NetScaler | Y | 2021-Oct | |||
| Check Point | Firewall (NGFW) | Y | ||||
| Sandblast | Y | |||||
| Coro | Cybersecurity | Y | 2023-Sep | |||
| CrowdStrike | Falcon EDR | Y | ||||
| Darktrace | Darktrace | Y* | ||||
| Digital Defense | Frontline VM | Y* | ||||
| Duo Security | Audit API | Y | ||||
| EdgeCast | Firewall (CDN) | * via AWS-S3 | ||||
| EclecticIQ | - | Y | ||||
| FireEye | ETP (email) | Y | ||||
| HX (endpoint) | Y | |||||
| Fortinet | FortiAnalyzer | Y | ||||
| Fortigate NGFW | Y | |||||
| Foritnet Cloud | - | |||||
| Frontline | Vulnerability Mgmt | Y* | ||||
| G-Suite (Workspace) | Y | Audit API | ||||
| Imperva | Incapsula | Y* | via AWS-S3 | |||
| Infoblox | DNS | Y | ||||
| Linux | Syslog | Y | audispd / sshd | |||
| dnsmasq (DNS) | Y | via rsyslog | ||||
| McAfee | Web Gateway | Y | ||||
| MVision | Y* | |||||
| ePO | Y | |||||
| Microsoft | Office365 (M365) | Y | Multiple APIs | |||
| Azure EventHub | Y | |||||
| Azure AD Audit | Y | |||||
| Defender | Y | Defender Cloud / ATP | ||||
| Windows EventLog | Y | * via NXLog agent | ||||
| Windows LDAP | * requires local collector | |||||
| Mimecast | Email Security | Y | ||||
| Okta | Audit API | Y | ||||
| PaloAlto | Firewall (NGFW) | Y | ||||
| Cortex XDR | Y | |||||
| GlobalProtect VPN | Y | |||||
| Peplink | Router/Firewall | Y* | Y | w/ InControl API | ||
| Ping Identity | PingFederate | Y | ||||
| Proofpoint | Email Security | Y* | ||||
| Qualys | Cloud Plateform | Y* | ||||
| Salesforce | Event Monitoring | Y* | 2023-Oct | |||
| SentinelOne | EDR | Y | Y | |||
| CloudFunnel | * via AWS-S3 | 2023-Jun | ||||
| Ranger | - | |||||
| Seraphic | Browser Security | Y | 2023-Nov | |||
| SonicWall | Firewall (NGFW) | Y | 2022-Mar | |||
| Sophos | EDR | Y* | ||||
| Firewall | Y | 2021-Dec | ||||
| Tainium | Endpoint Security | Y* | ||||
| Tenable | Vulnerability Mgmt | Y* | Tenable.io | |||
| Trellix | Endpoint Security | Y* | ||||
| Trend Micro | Apex Central | Y | ||||
| Deep Security | Y | 2022-Jan | ||||
| Worry-Free Security | - | no method available | ||||
| VMware | Carbon Black | Y | ||||
| Carbon Black PSC | Y | |||||
| Zix | Email Security | Y* | ||||
| Zoom | Video Conferencing | Y* | ||||
| Syslog | Data Source (not listed above) | Y | *new parser upon request | |||
"*": Supported, but not enabled by default. Please contact Fluency Support to enable this integration for your instance.
Use the following link to: Create a Support Ticket
Event Notification
The following matrix shows the products currently supported by Fluency SIEM for event/notification export.
| Vendor | Product | API | Webhook | Misc |
|---|---|---|---|---|
| SIEM Alert Export | ||||
| Slack | Y | SIEM Alert Export | ||
| PagerDuty | Y | Y | SIEM Alert Export |
Updated 8 months ago