| Anti-Virus |
| AMaViS |
| AVG 7.5 Network |
| AVG DataCenter 7.5 |
| AVG DataCenter 8.0 |
| Bromium virtualization-based security catches |
| ClamAV |
| Command Antivirus for Windows |
| Command for Exchange Server |
| Cylance-Next Generation Anti-Virus |
| ESET NOD32 syslog |
| Enhanced Mitigation Experience Toolkit (EMET) |
| Eset Remote Administrator |
| F-Secure Anti-Virus 7 |
| F-Secure Policy Manager Server 10 |
| F-Secure syslog |
| Forefront Endpoint Protection - AV |
| Forefront Security Application Log (Client Security, Exchange and Sharepoint) |
| Forefront Security SQL Database |
| Forefront Security System Log (Client Security) |
| FreshClam |
| Group Shield/Outbreak for Exchange Server |
| InoculateIT 6.0 |
| InoculateIT 7.0+ |
| Kaspersky Administration Kit 8 |
| Kaspersky Administration Kit 8 - Extended version |
| Kaspersky Anti-Virus 10 |
| Kaspersky Anti-Virus 6 |
| Kaspersky Endpoint Security 11 |
| Kaspersky Security Center |
| Kaspersky Security Center - Extended |
| Kaspersky events via Windows EventLog |
| Malware Bytes Management Console |
| Malware Bytes non-syslog |
| Malware bytes syslog |
| McAfee Access Protection |
| McAfee Activity Log (4.5 DAT file update) |
| McAfee Mail Scan |
| McAfee NetShield |
| McAfee On Access Scan v7.0 |
| McAfee Total Protection |
| McAfee Update v7.0 |
| McAfee VSC |
| McAfee VSH 5.0/7.0 |
| McAfee VSH 80i |
| McAfee VSH 85i |
| McAfee VSH Home |
| McAfee Web Email Scan |
| Microsoft Security Essentials |
| Microsoft Windows Defender-Operational |
| Microsoft Windows Defender-Windows Health Center |
| NOD32 Antivirus 4 Access Event |
| NOD32 Antivirus 4 Access Scan |
| NOD32 Antivirus 4 Access Threat |
| NOD32 Antivirus 4 SQL Event |
| NOD32 Antivirus 4 SQL Scan |
| NOD32 Antivirus 4 SQL Threat |
| NOD32 Antivirus 5 Access Event |
| NOD32 Antivirus 5 Access Firewall |
| NOD32 Antivirus 5 Access Scan |
| NOD32 Antivirus 5 Access Threat |
| NOD32 Antivirus 5 SQL Event |
| NOD32 Antivirus 5 SQL Firewall |
| NOD32 Antivirus 5 SQL Scan |
| NOD32 Antivirus 5 SQL Threat |
| Palo Alto Traps |
| Panda Security for Desktops 4.02 |
| Sophos Anti-Virus SNMP |
| Sophos Anti-Virus for Win2k |
| Sophos Enterprise 2.0 Database |
| Sophos Enterprise 3.0 Database |
| Sybari's Antigen 7.0 for Exchange Server 2000 |
| Symantec Corp Antivirus |
| Symantec Endpoint Protection 11 |
| Symantec Endpoint Protection Small Business Edition - Application logs |
| Symantec Endpoint Protection Small Business Edition - own logs |
| Symantec Protection Engine |
| Trend IMSS |
| Trend IMSS Policy |
| Trend IMSS Virus |
| Trend InterScan |
| Trend Micro Control Manager |
| Trend Office Scan |
| Trend ScanMail |
| Trend Server Protect |
| VIPRE 5.0 |
| VIPRE Business - System Events 4.0 |
| VIPRE Business 4.0 |
| VIPRE Enterprise 3.1 |
| Webroot Antispyware Corporate Edition 3.5 |
| eEye Blink Professional Endpoint Protection |
| Application |
| .Net Syslog Client |
| Application and Services Logs - CertificateServicesClient-Lifecycle-System |
| Application and Services Logs - CertificateServicesClient-Lifecycle-User |
| Atlassian JIRA |
| BST Enterprise |
| BST Enterprises |
| BlueEye |
| Bomgar Appliance |
| Bunyan Admin/DS Logging |
| Call Copy |
| Cimcor CimTrak via syslog |
| Citrix StoreFront Delivery Services |
| Cron Service |
| DAXMonitor- Demand AnalytX monitor |
| Dell AppAssure |
| Dell Quest Rapid Recovery (AppAssure Logs) |
| Dell Quest Rapid Recovery (Dell Logs) |
| Dell Quest Rapid Recovery (Quest Logs) |
| Denyhosts |
| Directory Synchronization |
| Epic |
| FactoryTalk View |
| Flex Teller |
| Hitachi JP1 Job Management Partner 1 / Automatic Job Management System |
| Hitachi JP1 Job Management Partner 1/Base |
| Honeyd Virtual Honeypot |
| Hyland Workflow Timer Service |
| HyperV-Hypervisor-Operational |
| HyperV-Integration-Admin |
| HyperV-SynthNic-Admin |
| HyperV-VMMS-Admin |
| HyperV-VMMS-Networking logs |
| HyperV-VMMS-Operational |
| HyperV-Worker-Admin |
| IBM RACF and DB2 Syslog |
| IBM RACF messages |
| JBoss Logging (MM/dd/yyyy HH:mm:ss) |
| JBoss Logging ISO8601 (yyyy-MM-dd HH:mm:ss) |
| Linux YUM |
| Log4Net |
| Log4j |
| Luminis Access |
| Luminis cp |
| Made2Manage |
| ManageEngine Password Manager Pro |
| Meditech |
| Meditech EMR Access Log |
| Microsoft Lync |
| Microsoft Windows AppLocker- EXE and DLL |
| Microsoft Windows AppLocker- MSI and Script |
| Microsoft Windows Failover Clustering (HyperV Cluster) logs |
| OnBase enterprise information platform |
| Oracle Hyperion FM log |
| Oracle Linux messages log |
| Oracle WebLogic Server 12c |
| PowerShell |
| PowerShell 5.0 |
| Print Services for Windows 7/2008(Admin) |
| Print Services for Windows 7/2008(Operational) |
| QCSI Application Log data |
| QCSI Data Logs |
| QCSI System Logs |
| Salient Commercial Solutions |
| Savant Protection |
| Shibboleth IDP warn logs |
| Subnet POWER SYSTEM - AccessServer, ApplicationServer, DataServerSQL, ApplicationServerSharePoint |
| Syslog-ng |
| Verint |
| Wescom Resources Group's Host Gateway Windows Log |
| Windows Active Directory Federation Services |
| Windows Active Directory Federation Services, Auditing |
| Windows DHCP Server 2000/2003/2008 event Log(Admin) |
| Windows DHCP Server 2000/2003/2008 event Log(Operational) |
| Windows Secure Envoy Log |
| Windows Setup Log |
| db2diag local file non-syslog |
| vCenter vpxd 6.0 logs |
| Application Switch |
| Cisco Content Services Switch |
| Citrix Secure Access Gateway Enterprise Appliance / Netscaler |
| ConSentry Controller |
| Coyote Point Equalizer |
| F5 BigIP BSD daemon messages |
| F5 BigIP HTTPD specific |
| F5 BigIP messages |
| F5 General BIG-IP specific messages |
| FireProof |
| LinkProof |
| Nortel Alteon |
| Radware AppDirector |
| Data Loss Prevention |
| Bit9 Parity v5+ Syslog |
| CodeGreen Content Inspection |
| CodeGreen Content Inspection user |
| DeviceLock Audit |
| DeviceLock Events |
| EMC RecoverPoint |
| FileSure |
| Forcepoint TRITON AP-DATA |
| Microsoft Backup Operational logs |
| Microsoft Data Protection Backup manager |
| Microsoft Data Protection Manager |
| NuBridges Protect Key Manager |
| NuBridges Protect Resource Service |
| NuBridges Protect Token Manager Engine |
| SecureSphere |
| SecureSphere Database Gateway 6.0 |
| SecureSphere System and Firewall Events 6.0 |
| SecureSphere Web Application Firewall 6.0 |
| SecureSphere v10 |
| Veeam backup and availability |
| Veeam endpoint backup and availability |
| Vericept Monitor |
| Websense Data Security |
| Database |
| Collects events from Postgres Database log file |
| IBM DB2 messages |
| LOGbinder SQL |
| LOGbinder SQL Security |
| MS SQL Audit Events |
| MSSQL Application Log |
| MySQL Database log |
| MySQL database tools on Windows err log |
| OpenEdge Audit |
| Oracle Alert Log |
| Oracle Auditor - Buffer - Extended version |
| Oracle Auditor - Database |
| Oracle Auditor - Database - Extended |
| Oracle Auditor - Syslog |
| Oracle Auditor - Syslog - Extended version |
| Oracle Auditor - Windows |
| Oracle Auditor - Windows - Extended version |
| Oracle Unified Auditing system. |
| SolarWinds Log and Event Manager MSSQL Auditor |
| E-Mail |
| IBM Domino (AIX) |
| LOGbinder for Exchange |
| Lotus Notes Webmail |
| Lotus Notes and Domino Server 8 |
| Microsoft Exchange Application Log |
| Microsoft Exchange Event Log |
| Microsoft Exchange Management Log |
| Microsoft Exchange Message Tracking |
| File Transfer and Sharing |
| Accellion Secure File Transfer using https and SFTP |
| Axway Secure Client |
| Cerberus FTP Server |
| CrushFTP |
| DFS Replication |
| EFT Server Enterprise Windows Application Log |
| FileZilla |
| GENE6 Secure FTP Server Security |
| GENE6 Secure FTP Server Transfer |
| Globalscape EFT client |
| Globalscape Secure FTP (W3C Extended file format) |
| GoAnywhere Services |
| HP StorageWorks Modular Smart Array SNMP |
| LOGbinder for Sharepoint: LOGbinder SP log |
| LOGbinder for Sharepoint: LOGbndSP log |
| LOGbinder for Sharepoint: Security Log |
| MOVEit Log |
| MOVEit Windows Application Log |
| Microsoft IIS FTP Server 5+ (W3C Extended file format) |
| Microsoft IIS FTP Server 7.0 (W3C Extended file format) |
| Microsoft Offline Files Operational |
| OpenBSD FTPd |
| Panzura Distributed File Services |
| ProFTPD Access |
| ProFTPD Auth |
| Pure Storage Purity |
| Pure-FTPd |
| QNAP NAS/File Server |
| Samba |
| Serv-U FTP Server |
| Serv-U FTP Server (Never Rotate) |
| SmartFile Secure File Sharing and Transfer Solutions |
| Solarwinds SFTP/SCP Server |
| Varonis DatAdvantage File Monitoring |
| WS_FTP Server Corporate |
| secRMM |
| vsftpd xferlog |
| Firewalls |
| A10 Load Balancer and Web Application Firewall |
| AppWall |
| Applicure dotDefender |
| Barracuda NG Firewall (Phion Netfence) |
| Barracuda NG Firewall (Phion Netfence) Extended |
| Barracuda Web Application Firewall |
| Borderware Firewall |
| Check Point Firewalls 5000 series |
| CheckPoint 600 Appliances (optional) daemon.log |
| CheckPoint 600 Appliances (optional) user.log |
| CheckPoint 600 Appliances (required) auth.log |
| CheckPoint2200 |
| CheckPoint2200Kern |
| Checkpoint Edge X Firewall |
| Checkpoint Safe@Office Firewall |
| Cisco ASA and IOS |
| Cisco Firesight |
| Cisco SA500 Series Security Appliances |
| Clavister firewall |
| Cyberguard |
| D-Link DFL firewall |
| EndianUTM |
| FortiClient |
| FortiGate 5.0+ |
| GNAT Box System Software v.3.3 |
| HP Firewall |
| Hirschmann EAGLE System Industrial Firewall |
| IBM DataPower |
| IP Filter |
| IPFire OpenSource Firewall Distribution |
| Incapsula Web Application Firewall via syslog |
| Ingate Firewall |
| Juniper Virtual Gateway |
| Juniper/NetScreen 5 |
| Kerio Control Firewall |
| McAfee Firewall v5.8 CEF |
| McAfee ForcePoint Firewall |
| Microsoft Forefront Threat Management Gateway 2010 Firewall (W3C Server file format) |
| Microsoft ISA 2000 Firewall (ISA Server file format) |
| Microsoft ISA 2004 Web Proxy (ISA Server file format) |
| Microsoft ISA 2004 Web Proxy (W3C Server file format) |
| Microsoft ISA 2004/2006 Firewall (ISA Server file format) |
| Microsoft ISA 2004/2006 Firewall (W3C Server file format) |
| Microsoft ISA 2006 Web Proxy (ISA Server file format) |
| Microsoft ISA 2006 Web Proxy (W3C Server file format) |
| Microsoft ISA Firewall (W3C Extended file format) |
| Microsoft ISA Packet Filter (ISA Server file format) |
| Microsoft ISA Packet Filter (W3C Extended file format) |
| Microsoft ISA Server Application Log |
| Microsoft ISA Web Proxy (ISA Server file format) |
| Microsoft ISA Web Proxy (W3C Extended file format) |
| Microsoft Windows Firewall Advanced Security Events |
| Netgear FV Series |
| Netscreen(Juniper SRX firewall) |
| Network Box RM300 and ITPE1000 |
| OPSEC(TM) / Check Point(TM) NG LEA Client |
| OPSWAT Metadefender |
| OSSEC Active Response log |
| Palo Alto Networks Firewalls |
| Sidewinder 6.1+ Firewall |
| Sidewinder Firewall |
| SonicWall |
| SonicWall GMS |
| Sophos (Astaro) Security Gateway |
| SophosXG Firewall |
| StoneGate Firewall v5.3 CEF |
| Storm Shield Netasq Firewall |
| Symantec Velociraptor 1.5 |
| Symantec Velociraptor 2.0 |
| Symantec Velociraptor 3.0 |
| Tippingpoint X505 |
| Titanium Mirror Firewall |
| Tofino Firewall LSM for Industrial Networks |
| Trend Deep Security |
| Untangle NG Firewall |
| VMWare vShield Edge Firewall |
| VisNetic Firewall |
| WatchGuard firewalls |
| Windows Firewall |
| ZyXEL ZyWALL CEF Format |
| eSoft |
| iptables / netfilter |
| pfSense Firewall/Router |
| IAM |
| BioPassword |
| Cisco (NAC) Network Access Control Appliance with Clean Access Manager (CAM) or Server (CAS) Software |
| Cisco ACS Admin Audit |
| Cisco ACS Admin Audit 4.1+ |
| Cisco ACS Backup and Restore |
| Cisco ACS Database Replication |
| Cisco ACS Database Sync |
| Cisco ACS Express |
| Cisco ACS Failed Attempts |
| Cisco ACS Passed Authentications |
| Cisco ACS RADIUS Accounting |
| Cisco ACS Service Monitoring |
| Cisco ACS TACACS+ Accounting |
| Cisco ACS TACACS+ Administration |
| Cisco ACS User Password Changes |
| Cisco ACS VoIP |
| Cisco Customer Voice Portal Application Activity Date Rotating Log |
| Cisco Customer Voice Portal Application Activity Log |
| Cisco Customer Voice Portal Application Admin Date Rotating Log |
| Cisco Customer Voice Portal Application Admin Log |
| Cisco Customer Voice Portal Application Error Date Rotating Log |
| Cisco Customer Voice Portal Application Error Log |
| Cisco Customer Voice Portal Global Admin Date Rotating Log |
| Cisco Customer Voice Portal Global Admin Log |
| Cisco Customer Voice Portal Global Error Date Rotating Log |
| Cisco Customer Voice Portal Global Error Log |
| Cisco Customer Voice Portal Global call Date Rotating Log |
| Cisco Customer Voice Portal Global call Log |
| Cisco Customer Voice Portal Server Startup Error Date Rotating Log |
| Cisco Customer Voice Portal Server Startup Error Log |
| Cisco Identity Services Engine (ISE) |
| Cisco Secure ACS 4.1 Syslog |
| Cisco Secure ACS 5+ Syslog |
| ClearBox Enterprise RADIUS server |
| Cyber-Ark Vault |
| Dell Defender |
| DigitalPersona Pro |
| Entrust Identity Guard (IDG) |
| Extreme Sentriant |
| FreeRADIUS |
| FutureX Excrypt |
| IAS RADIUS Non-Rotating File |
| IAS RADIUS Rotating File |
| IBM Tivoli Access Manager for Operating Systems |
| Imprivata Appliance |
| Juniper SBR authentication accepts report log |
| Juniper SBR authentication accepts report log |
| Juniper SBR authentication rejects report log |
| Juniper SBR authentication rejects report log |
| KEMP Kern Log |
| ManageEngine Password Manager Pro SNMP |
| Microsoft Azure AD Password Protection DC Agent Admin |
| Microsoft RRAS |
| Microsoft RRAS Extended NPS Log Format |
| Microsoft Windows Group Policy Operational |
| Microsoft Windows Terminal Services Gateway |
| Microsoft Windows Terminal Services Gateway Admin |
| Microsoft Windows Terminal Services Remote Connection Manager |
| Net Access |
| NetIQ Directory and Resource Administrator |
| Novell Identity Audit DB |
| OneSpan |
| Pleasant Password Server |
| PointSec PC |
| RSA Authentication Manager 7.1 |
| SafeNet Authentication Service (SAS) Windows Events |
| SafeNet SafeWord |
| Safenet Authentication service |
| SanDisk CMC |
| SecurID |
| SecurID Syslog |
| SecureAuth idP |
| Shibboleth Identity Provider |
| SolarWinds Access Rights Manager |
| Thycotic Secret Server |
| TriCipher |
| Two-Factor Authentication For Active Directory |
| Vormetric |
| Windows IAS and NPS System Log |
| Windows server netlogon debug log |
| eDMZ Password Auto Repository |
| entrust |
| IDS and IPS |
| ActiveScout |
| Cisco FirePOWER Module (Sourcefire 3D system) |
| Cisco IDS/IPS v4/5.x |
| Cisco IPS 5+ (SDEE) |
| Darktrace - threat detection and classification |
| Dragon IDS |
| FortiSnort |
| GFI LANguard System Integrity Monitor 3 |
| IBM IPS XGS |
| IBM XGS |
| ISS Proventia IPS |
| ISS RealSecure IDS |
| Juniper IDP 250 v5.0 |
| Juniper IDP 3.x |
| Juniper IDP 4.0+ |
| McAfee Network Security Manager |
| Microsoft ATA (Advanced Threat Analytics) |
| NitroGuard IPS - Snort Format |
| NitroSecurity IPS |
| Osiris Host Integrity Monitoring System |
| Radware DefensePro |
| Reflex IMC |
| Secure Auth (Syslog) |
| SecureAuth Error logs |
| SecureAuth Logging Audit logs |
| SecureAuth Logging Audit logs_Rotating |
| SecureNet IDS |
| Sentinel IPS |
| Snort |
| Sophos Central Cloud |
| Symantec Gateway IDS |
| SyslogSnort |
| TippingPoint Audit and System |
| Tippingpoint IPS 1.4 |
| Tippingpoint IPS 2.1 |
| Tippingpoint SMS |
| TopLayer Attack Mitigator |
| Trend Micro Deep Discovery Inspector |
| Trend Micro HIDS - ossec syslog |
| Trend Micro Interscan Gateway Security Appliance |
| Tripwire Enterprise |
| Manager |
| Debian DPKG |
| Manager Monitor |
| Micro Focus Content Manager (DB Rotating) |
| Micro Focus Content Manager (TALF) |
| MicrosoftWindowsRemoteManagement-Operational |
| SWLEM Reports |
| nDepth Log Storage Message |
| Network Access Control |
| Aruba ClearPass Policy Manager |
| Cisco Prime Security Manager |
| Network Management |
| Airwatch |
| Arbor Pravail APS 2104 |
| Aruba Airwave Management Platform |
| Axcient Unified Management Console (UMC) |
| Barracuda Load Balancer ADC |
| Barracuda Web Security Gateway |
| Blue Coat PacketShaper |
| Carbon Black Enterprise Response |
| Cimcor CimTrak |
| Cisco Wireless Acccess Point |
| Cisco Wireless Control System |
| Cisco Wireless LAN Controller snmp trap logs |
| Citrix XenMobile, Mobile management MDM, system and audit sys log. |
| DNA OASyS |
| DNA OASyS xosErrLog |
| Dameware Remote Administration |
| Fujitsu iRMC |
| Gemalto High Availability (HA) Log Messages |
| HPE Intelligent Management Center (IMC) |
| Juniper NSM |
| Lancope StealthWatch |
| MS Forefront Endpoint Protection |
| Microsoft Exchange High Availability Logs |
| MicrosoftNetworkProfileOperational |
| NGINX Plus web delivery platform error logs |
| Nagios |
| Radius server bundled with Windows Server 2008 and later |
| SecureLink Device |
| SolarWinds Orion and Virtualization Manager |
| Survalent ADMS Software automation solution |
| Titus Enterprise Information Protection |
| Ubiquiti Wireless Acccess Point |
| ePolicy Orchestrator (ePO) |
| ePolicy Orchestrator (ePO) 4.5+ |
| vCenter Server is the centralized management utility for VMware. |
| Network Services |
| Array APV 1600 |
| Barracuda Admin |
| Barracuda Mail Archiver |
| Barracuda Spam Firewall |
| Bind |
| CA's BrightStor v11.5 |
| Calix Telecommunications |
| Cisco Network Registrar for Windows |
| Cisco Unified Communications Manager (CallManager) |
| DHCPd |
| DNS Bind |
| Distil Networks |
| Eaton Cooper Power Systems |
| Gemalto Luna |
| IIS Configuration |
| IceWarp Mail Server (Merak) |
| Infoblox NIOS |
| KEMP User Log |
| Kemp LoadMaster |
| Kerio Connect |
| Linux Sendmail |
| LinuxLDAP Access |
| LinuxLDAP Error |
| Locum RealTime Monitor |
| Microsoft Cloud App Security |
| Microsoft Exchange Server in W3C format without Fields value |
| Microsoft Windows WAS, Microsoft Sharepoint Services, vmStatsProvider, Manager Reporter 2012 services Logs |
| NetIQ eDirectory |
| Netskope CASB |
| Nimble SAN |
| Nutanix |
| OpenLDAP |
| Oracle Communications Subscriber-Aware Load Balancer and Session Border Controller (SBC) parts of Oracle ACME |
| Postfix |
| Quest VMWare vRanger |
| Redline |
| Riverbed/Brocade Stingray |
| SafeNet DataSecure Certificate Server |
| Semafone |
| SolarWinds Web Help Desk |
| Symantec Backup Exec System Recovery |
| Symmetricom SyncServer |
| Synology cloud software |
| TACACS+ server based on Cisco engineering release |
| WatchGuard Extensible Content Security (XCS) auth log |
| WatchGuard Extensible Content Security (XCS) syslog |
| Windows DHCP Server 2000 |
| Windows DHCP Server 2000/2003/2008 System Log |
| Windows DHCP Server 2003 and 2008 |
| Windows DNS-Server-Analytical |
| Windows Server 2008 Log |
| named bind |
| smnpd daemon messages |
| Operating Systems |
| AIX Audit |
| AIX Syslog |
| Debian 8.8 kern logs |
| Debian v8.8 |
| FireEye Operating System |
| FreeBSD Authentication |
| HP OpenVMS 8+ |
| HP-ux Syslog |
| Legacy TriGeo Agent AS400 Tool |
| Linux Auditd |
| Linux PAM |
| Linux PAM command |
| Linux command line logging |
| Linux syslog events |
| LogAgent for OS400 (Patrick Townsend Security Solutions) |
| Mac OS X (crashreporter) |
| Mac OS X (install) |
| Mac OS X (mail) |
| Mac OS X (ppp) |
| Mac OS X (secure) |
| Mac OS X (system) |
| Microsoft Cluster Services events |
| Microsoft Sysmon |
| Microsoft Windows NTLM |
| Microsoft Windows Task Scheduler |
| Microsoft Windows Terminal Services Local Session Manager |
| MobileIron Assemble |
| MobileIron VSP |
| Novell Netware 4.1 - 5.3 |
| Novell Netware 6.5 |
| Novell Netware 6.5 (Database) |
| Novell Netware 6.5 File |
| Open SSH |
| Oracle Linux secure logs |
| PowerTech Interact |
| SELinux |
| Solaris 10 BSM Auditing |
| Solaris 10 Snare Auditing |
| Solaris 11 |
| Solaris 8 and 9 Snare Auditing |
| VMWare ESX esxcfg-firewall log |
| VMWare ESX hostd log |
| VMWare ESX messages log |
| VMWare ESX secure log |
| VMWare ESX vmkernel log |
| VMWare ESX vmkwarning log |
| VMWare ESXi Hostd log |
| VMWare ESXi messages log |
| VMWare ESXi vmkernel log |
| Windows Application - Syslog |
| Windows Application Log |
| Windows DNS Server Audit Log |
| Windows DNS Server Log |
| Windows DNS Traffic Log |
| Windows Directory Service Log |
| Windows File Integrity Monitoring (FIM) File and Directory |
| Windows File Integrity Monitoring (FIM) Registry |
| Windows File Replication Service |
| Windows Filtering Platform Events |
| Windows NT/2000/XP Security Log |
| Windows Security - Syslog |
| Windows Security Log |
| Windows System - Syslog |
| Windows System Log |
| iSecurity CEF |
| iSecurity for OS400 (Raz-Lee) |
| linuxauditd (syslog) |
| sudo |
| sudo syslog |
| Physical Infrastructure |
| APC InfraStruXure |
| APC Netbotz |
| Dell DRAC |
| Dell Server Administrator |
| EMCUnity |
| Fujitsu Blade Servers |
| Fujitsu Storage ETERNUS |
| Grandstream Gateway |
| HP BladeSystem Enclosure auth log |
| HP BladeSystem Enclosure local log |
| HP Printer |
| HP Proliant iLO 4 |
| HPE 3PAR StoreServ |
| Hitachi AMS |
| JACO CartCare |
| Tripp Lite SNMPWEBCARD |
| TrippLitePDU |
| Proxies/Content Filters |
| Actiance Unified Security Gateway |
| Barracuda Web Filter |
| Blue Coat Proxy SG web access |
| Blue Coat ProxySG |
| Cisco AsyncOS Access Log |
| Cisco Content Security and Control Security Services Module 6.1-6.2 |
| Cisco Content Security and Control Security Services Module 6.3+ |
| ClearSwift Secure Email Gateway |
| Forcepoint TRITON AP-WEB |
| FortiWeb Web Application Firewall |
| IronPort Email Security Appliance |
| IronPort Web Security |
| Mail Assure |
| McAfee Email Gateway |
| McAfee Web Gateway v6.x |
| McAfee Web Gateway v7.x |
| Sonicwall Email Security |
| Sophos ES appliance |
| Sophos ES appliance auth |
| Sophos WS appliance |
| Squid Access Log |
| SquidGuard Access Block Log |
| St. Bernard iPrism |
| Symantec Secure Web Gateway: ProxySG and ASG (Bluecoat) Access |
| Symantec Secure Web Gateway: ProxySG and ASG (Bluecoat) SSL |
| Symantec Web Security for Windows |
| SymantecWebGateway |
| Trend IWSVA Audit Log |
| Trend IWSVA URL Access Log |
| Trend IWSVA URL Block Log |
| Trend IWSVA Update Log |
| Trend IWSVA Virus Log |
| Trend-Micro IWSVA URL log |
| Websense Security Gateway Anywhere |
| Websense Web Filter and Websense Web Security |
| Websense Web Filter and Websense Web Security Database |
| Webtitan |
| eSafe |
| Routers/Switches |
| 3Com Switch |
| AXIA Ethernet Switch |
| Adtran Atlas Switch |
| Adtran NetVanta Router |
| Aerohive log |
| Alcatel-Lucent OmniSwitch |
| Allied Telesis Routers and Switches |
| Arista switches |
| Aruba Wireless Access Point |
| Aruba Wireless Access Point 3x |
| Aruba2930 |
| Avaya/Nortel VSP 7000 Ethernet Routing Switch |
| Blade RackSwitch |
| Bluesocket vWLAN |
| Brocade Iron Series |
| Brocade VDX Switches |
| Brocade Vyatta Router |
| Cisco 4000 Series Integrated Services Routers (ISRs), Intelligent WAN platform |
| Cisco CatOS |
| Cisco Nexus NX-OS |
| Cisco Small Business 300 Series Managed Switch |
| Cisco Wireless LAN Controller and IOS-XE Software |
| Dell Force10 Switch |
| Dell N Series Switches |
| Dell PowerConnect Switches |
| Enterasys C-Series and N-Series Switches |
| Enterasys IdentiFi Wireless Controller |
| Extreme Networks VSP |
| Extreme Switch |
| Foundry |
| FreeWave |
| HP MSM700 Series Controller |
| HP ProCurve 1910-24G-PoE Switch and H3C |
| HP ProCurve Switches Firmware F.05.65+ Zl Series |
| HP Router |
| Hirschmann OpenRail System Compact Switch |
| Huawei Switches |
| Juniper JUNOS |
| Junos Pulse Gateway |
| Meru Wireless |
| MetaSwitch Universal Media Gateway |
| Mikrotik Routers |
| Motorola WLAN Controller |
| Motorola WS2000 snmp |
| Netgear Switch |
| Nortel Baystack |
| Nortel Contivity 200 Series |
| Nortel Ethernet Routing Switch 4500 Series |
| Nortel WLAN Security Switch |
| Proxim Orinoco WAP |
| QLogic Fibre Channel Switch |
| Raritan Dominion Switch |
| Ruckus ZoneDirector Wireless LAN Controller |
| RuggedCom Switch |
| SilverPeak WAN Acceleration and Optimization |
| Telco Switch |
| Xirrus WiFi Array |
| ZyXEL P-660HW-T |
| ZyXEL XGS4528F |
| Security and UTM |
| Cyberoam UTM |
| Enforcive Enterprise Security |
| FireEye Malware Protection System |
| FortiGate 2.5 |
| FortiGate 2.8+ |
| FortiGate 300C |
| FortiMail Email Security Appliances |
| McAfee Network and Security Platform (IntruShield) - deprecated |
| Meraki MX |
| Proofpoint Enterprise Protection |
| SmoothWall Unified Threat Manager |
| Sophos UTM 9 |
| Sophos UTM 9 (non unix syslog timestamp) |
| WatchGuard Firebox |
| WatchGuard Firebox X Edge E-Series |
| WatchGuard SOHO |
| WatchGuard Xcore |
| Zscaler Web Security / Advanced Security |
| cyphort threat protection |
| fireEye HX |
| Storage |
| Dell Compellent storage |
| Dell Equallogic storage area network systems |
| HP StorageWorks Modular Smart Array |
| IBM NetApp ONTAP |
| NetApp |
| NetApp ONTAP OnCommand |
| Qumulo |
| System Scan Reporters |
| ForeScout CounterACT NAC |
| Nessus Message |
| Nessus Report |
| Nessus Security Scanner NBE Report |
| Nessus XML Report |
| PatchLink Vulnerability |
| QualysGuard Scan Report |
| Rapid7 NeXpose Vulnerability Scanner |
| Retina |
| VPN and Remote Access |
| Array Networks SPX |
| Azure Multi-Factor Authentication Server |
| Barracuda SSL VPN Connector |
| Cisco VPN |
| Citrix Secure Access Gateway |
| Citrix Secure Gateway Access - XenApp Server |
| Citrix XenDesktop |
| Citrix XenServer auth log |
| Citrix XenServer daemon log |
| Corente AWB |
| FirePass SSL VPN |
| Neo Accel SSL VPN |
| Neoteris VPN/Juniper SA series |
| Netgear SSL VPN Concentrator SSL312 |
| Netilla VPN |
| Nortel Contivity |
| OpenVPN |
| Permeo VPN |
| PulseSecure |
| RemotelyAnywhere / LogMeIn |
| Riverbed Steelhead WAN Optimization |
| SonicWALL Aventail SSL VPN E-Class and SMA |
| SonicWALL SSL VPN |
| SonicWall E-Class SRA |
| Ultra VNC |
| VMware Horizon 7 |
| WatchGuard Vclass |
| WatchGuard Vclass (Alarm) |
| WatchGuard Vclass (VPN) |
| pcAnywhere |
| WebServer |
| AnyEvent |
| Apache Access |
| Apache Access Rotating |
| Apache Error |
| Apache Error Rotating |
| Apache Tomcat isapi_redirect |
| Atlassian BitBucket Server |
| EscalationAssignmentAbortedEvent |
| Guidewire |
| IIS error connector |
| Incapsula Web Application Firewall |
| LanguageAssignmentEvent |
| Localhost Apache Access |
| Microsoft Forefront Threat Management Gateway 2010 Web Proxy(W3C Server file format) |
| Microsoft IIS Advanced Logging |
| Microsoft IIS Web Server 10.0 (W3C Extended file format) |
| Microsoft IIS Web Server 5.0 (W3C Extended file format) |
| Microsoft IIS Web Server 6.0 (W3C Extended file format) |
| Microsoft IIS Web Server 7.0 (W3C Extended file format) |
| Microsoft IIS Web Server 8.5 (W3C Extended file format) |
| Microsoft IIS Web Server 8.5 (W3C Extended file format) Enhanced Logging |
| MicrosoftIISLogging via Windows Event Log |
| MilestoneXProtect_C |
| MilestoneXProtect_Configuration |
| MilestoneXProtect_audit |
| NGINX Error |
| NetMotion Mobility Server_mobility events |
| NetMotion Mobility Server_nmact events |
| NetMotion Mobility Warehouse_Access events |
| NetMotion Mobility Warehouse_Error events |
| SignonEvents |
| SingleSignonEvents |
| Syncplify.Me (W3C Extended File Format) |
| Tomcat ASC Config Change event |
| Tomcat Cluster Event |
| Tomcat Common daemon |
| Webdefend-Trustwave |
| Websphere 7 SystemOut Log |
