Exabeam Data Sources

This table lists the Data Sources supported out of the box. The list is auto-generated from the Vendor/Product fields.

Vendor Product

1password 1password
Abnormal Security Abnormal Security
Absolute Absolute DDS
Accellion Kiteworks
Adaxes Adaxes
Admin By Request Admin By Request
Adobe Adobe Experience Manager
AIM Security AI Security
Airlock Airlock Allowlisting
Akamai Akamai Guardicore
Akamai SIEM
Cloud Akamai
AlgoSec AlgoSec Firewall Analyzer
Amazon Amazon EKS
Amazon Inspector
Amazon Q
Amazon RDS
Amazon Route 53
Amazon S3
AWS Bastion
AWS CloudTrail
AWS CloudWatch
AWS Elastic Load Balancer
AWS GuardDuty
AWS Network Firewall
AWS Redshift
AWS Simple Email Service
AWS SSM
AWS WAF
VPC Flow Logs
Apache Apache
Apache Guacamole
Apache Subversion
Apache Tomcat
APC APC
Apple macOS
AppSense AppSense Application Manager
Arbor Arbor Cloud
Arctic Wolf Cylance PROTECT
Armis Armis Platform
Armorblox Armorblox
AssetView AssetView
Atlassian Atlassian
Atlassian BitBucket
Atlassian Guard
Attivo BOTsink
Auth0 Auth0
Avaya Avaya Ethernet Routing Switch
Axway Axway Gateway
Badge Badge
Barracuda Barracuda Cloudgen Firewall
Barracuda Email Security Gateway
Barracuda WAF
BeyondTrust BeyondInsight
BeyondTrust
BeyondTrust Privileged Identity
BeyondTrust Remote Support
BeyondTrust Secure Remote Access
Bitdefender GravityZone
Bitglass Bitglass CASB
BlackBerry BlackBerry Protect
BlueCat Networks BlueCat Networks
Box Box Cloud Content Management
Box Shield
CA Technologies CA Privileged Access Manager Server Control
Canon imageRUNNER ADVANCE
CatoNetworks Cato Cloud
CDS CDS
Check Point Check Point Anti-Malware
Check Point Avanan
Check Point Endpoint Security
Check Point Identity Awareness
Check Point NGFW
Check Point Security Gateway
Check Point Threat Emulation
Harmony SaaS
SmartDefense
Checkmarx Checkmarx
Cimcor CimTrak
Cisco Cisco
Cisco Adaptive Security Appliance
Cisco Cloud Security
Cisco Collaboration
Cisco Cyber Vision
Cisco Data Center
Cisco Email Security
Cisco Identity and Access Management
Cisco Identity Intelligence
Cisco IOS
Cisco ISE
Cisco Network Infrastructure and Management
Cisco Network Monitoring and Analytics
Cisco Network Security
Cisco Remote Access Security
Cisco Secure Endpoint
Cisco Secure Firewall Management Center
Cisco Secure Network Analytics
Cisco Web Security
Cisco Wireless Networking
Duo Access
Citrix Citrix Gateway
Citrix Secure Private Access
Citrix Security Analytics
Citrix Virtual Apps
Citrix Web App Firewall
Claroty Claroty
CTD
Click Studios Passwordstate
Cloudflare Cloudflare Audit
Cloudflare Insights
Cloudflare WAF
Cohesity Cohesity DataPlatform
Commvault Commvault
Commvault ThreatWise
Corelight Corelight IDS
Cribl Cribl
CrowdStrike Falcon
Identity Threat Detection & Response
CrushFTP CrushFTP
CyberArk CyberArk Privilege Access Manager
Cybereason Cybereason
Cyberhaven Cyberhaven DLP
Cyera Omni DLP
Cylance Cylance OPTICS
Cynet Cynet EDR
Darktrace Darktrace
DataWatch Systems DataWatch
Delinea Centrify Audit and Monitoring Service
Centrify Authentication Service
Centrify Infrastructure Services
Centrify Zero Trust Privilege Services
Secret Server
Dell EMC Isilon
PowerMax
PowerProtect
PowerProtect Data Manager
PowerStore
Sonicwall
Digital Arts Digital Arts i-FILTER for Business
Digital Guardian Digital Guardian Endpoint Protection
Digital Guardian Network DLP
Dnsmasq Dnsmasq
Dragos Dragos Platform
Dropbox Dropbox
Dtex Systems DTEX InTERCEPT
Egnyte Egnyte
Entrust Entrust Identity Enterprise
Epic Epic SIEM
Ermes Ermes Browser Security Platform
ESET ESET Endpoint Security
Exabeam Advanced Analytics
Audit Log
Correlation Rule
NG Analytics
Phishing Detection
Search
Extrahop Extrahop Reveal(x)
Extreme Networks EXOS
Platform ONE
Universal ZTNA
Zebra WLAN Management
F-Secure F-Secure Client Security
F-Secure Policy Manager
F5 BIG-IP F5 LBR
F5 Access Policy Manager
F5 Advanced Firewall Manager
F5 Advanced Web Application Firewall
F5 Application Security Manager
F5 BIG-IP
F5 BIG-IP DNS
F5 Distributed Cloud
F5 Silverline
F5 WebSafe
NGINX
Fastly Next-Gen Web Application Firewall
FireMon FireMon
Forcepoint Forcepoint DLP
Forcepoint Email Security
Forcepoint Next-Gen Firewall
Websense Security Gateway
Forescout Forescout CounterACT
Fortinet FortiAuthenticator
FortiClient
FortiGate
FortiNAC
Fortinet Enterprise Firewall
Fortinet UTM
Fortinet VPN
FortiSIEM
Fortiweb Web Application Firewall
FortiXDR
FreeBSD FreeBSD
FTP FTP
Gallagher Gallagher Access Control
Gamma Gamma
GitHub GitHub
GitLab GitLab
GoAnywhere GoAnywhere MFT
Google GCP CloudAudit
Gemini Enterprise
Google Cloud Platform
Google Workspace
Security Command Center
Halcyon Halcyon
HelpSystems Powertech Identity and Access Manager
Hornet Hornetsecurity Cloud Email Security Services
HP Aruba ClearPass Policy Manager
Aruba Mobility Master
Aruba Wireless controller
ArubaOS
HP iLO
HP LaserJet Printer
HP Print Server
HPE 3PAR StoreServ
HPE Comware
NonStop
Huawei Huawei Enterprise Network Firewall
Huawei Unified Security Gateway
HUMAN Security HUMAN Bot Defender
IBM Guardium
HCL Notes
IBM
IBM Datapower
IBM Mainframe
QRadar SIEM
Security Access Manager
Sterling B2B Integrator
iBoss Iboss Cloud
Illumio Illumio Core
Imperva Attack Analytics
Imperva Incapsula
Imperva SecureSphere
Imprivata Imprivata
IMSS IMSS
IMSVA IMSVA
Infoblox BloxOne DDI
Infoblox NetMRI
Infoblox NIOS
Informatica Informatica Cloud
Int64 Software OVERLAPS
Ipswitch MoveIt Transfer
IPTables IPTables FW
Ironscales Ironscales
Island Island Enterprise Browser
Ivanti Ivanti Pulse Secure
Jamf Jamf Protect
Johnson Controls Johnson Controls P2000
Jumpcloud Jumpcloud
Juniper Networks Juniper SRX Series
Junos OS
Kasada Kasada
Kaspersky Kaspersky Endpoint Security for Business
Keeper Security Keeper
Kemp Kemp LoadMaster
KnowBe4 Security Awareness Training
Kong Kong Gateway
LanScope LanScope Cat
LastPass LastPass
Lenel OnGuard
Libraesva Libraesva Email Security
LiquidFiles LiquidFiles
LogRhythm LogRhythm
NetMon
Lookout Lookout
Malwarebytes Malwarebytes Endpoint Protection
ManageEngine ADAuditPlus
ADManager Plus
ADSSP
PAM360
MariaDB MariaDB
MasterSAM MasterSAM PAM
McAfee McAfee Web Gateway
Menlo Security Menlo Security
MicroFocus ArcSight MicroFocus ArcSight
Microsoft Active Directory Federation Services
Azure
Azure AD Activity Logs
Azure AD Sign-In Logs
Azure ATP
Azure Container Registry
Azure DevOps
Azure Event Hub
Azure Firewall
Azure Key Vault
Azure Kubernetes Service
Azure MFA
Azure Monitor
Azure Monitor - VM Insights
Azure Network Watcher
Copilot
Event Viewer - ADFS
Event Viewer - ADWS
Event Viewer - Application
Event Viewer - Applocker
Event Viewer - AzureADPasswordProtection-DCAgent
Event Viewer - AzureADPasswordProtection-ProxyService
Event Viewer - BFE Resorce Flows
Event Viewer - BITS-Client
Event Viewer - CAPI2
Event Viewer - CertificateServicesClient
Event Viewer - CodeIntegrity
Event Viewer - DFS-Replication
Event Viewer - Directory-Service
Event Viewer - DNSClient
Event Viewer - DNSServer
Event Viewer - FileShareShadowCopyProvider
Event Viewer - Kerberos-Key-Distribution-Center
Event Viewer - Kernel-IO
Event Viewer - Kernel-PnP
Event Viewer - KnownFolders
Event Viewer - Licensing-Platform
Event Viewer - LiveId
Event Viewer - LSA
Event Viewer - NetworkProfile
Event Viewer - NPS
Event Viewer - NTLM
Event Viewer - OpenSSH
Event Viewer - PowerShell
Event Viewer - PrintService
Event Viewer - RemoteDesktopServices
Event Viewer - Security
Event Viewer - Setup
Event Viewer - SMB
Event Viewer - System
Event Viewer - TaskScheduler
Event Viewer - TerminalServices
Event Viewer - TerminalServices-Gateway
Event Viewer - TerminalServices-LocalSessionManager
Event Viewer - TerminalServices-RemoteConnectionManager
Event Viewer - Windows Firewall
Event Viewer - WinNat
Event Viewer - WinRM
M365 Audit Logs
Microsoft 365
Microsoft Advanced Threat Analytics
Microsoft CAS
Microsoft Defender
Microsoft Defender for Cloud
Microsoft DHCP Log
Microsoft DNS Log
Microsoft Entra
Microsoft Exchange
Microsoft IIS
Microsoft Intune
Microsoft Network Policy Server
Microsoft Purview
Microsoft RRAS
Microsoft Sentinel
Microsoft WMI Log
MSSQL
NetLogon
Network Security Group Flow Logs
Sysmon
Windows
Windows Defender Application Control
Windows Device registration service
Mimecast Code42 Incydr
Mimecast Secure Email Gateway
Mimecast Targeted Threat Protection - URL
Monday.com Monday.com
MongoDB MongoDB
Mvision Mvision
Mysql Mysql
N3K N3K
Nagios Nagios
Nasuni Nasuni
NetApp NetApp
NetApp Ontap
NetMotion Wireless NetMotion Wireless
Netskope Netskope CASB
Netskope Security Cloud
Netskope Webtx
Netwrix Netwrix Auditor
NextDLP Reveal
Nightfall Nightfall AI
NNT NNT ChangeTracker
Nozomi Networks Nozomi Networks Guardian
Obsidian Security SaaS Security
Okta Okta Adaptive MFA
Onapsis Onapsis
OneLogin OneLogin
OneSpan Digipass for Apps
OneWelcome OneWelcome Cloud Identity Platform
Open Shift OpenShift
Open VPN Open VPN
OpenAI ChatGPT
OpenAI
OpenDJ OpenDJ
OpenLDAP OpenLDAP
Oracle Oracle Cloud Infrastructure
Oracle Database
Oracle Public Cloud
Solaris
Ordr Ordr SCE
Osquery Osquery
OSSEC OSSEC
oVirt oVirt
PacketFence PacketFence
PagerDuty PagerDuty
Palo Alto Networks Cortex XDR
Cortex XSOAR
GlobalProtect
Palo Alto Aperture
Palo Alto NGFW
Palo Alto WildFire
Prisma Access
Prisma Cloud
Password Manager Pro Password Manager Pro
Perforce Perforce
pfSense pfSense
Picture Perfect Picture Perfect
Ping Identity ForgeRock
Ping Access
Ping Identity
PingFederate
PingOne
Portkey Portkey
Portnox Portnox Cloud
Postfix Postfix
PostgreSQL PostgreSQL
PowerDNS PowerDNS Recursor
PowerSentry PowerSentry
Progress Progress ShareFile
Proofpoint ObserveIT
Proofpoint CASB
Proofpoint Email Protection
Proofpoint Enterprise Protection
Targeted Attack Platform
Qualys Qualys AssetView
Quest Software Quest Change Auditor for Active Directory
Quest Change Auditor for SQL Server
Radware Alteon
Radware WAF
Rapid7 Rapid7 InsightVM
Recorded Future Recorded Future Threat Intelligence
RedShield RedShield WAF
Riverbed Steelhead Riverbed Steelhead
RS2 Technologies RS2 Technologies
RSA RSA Authentication Manager
RSA NetWitness Platform
SecurID
Rubrik Rubrik Cloud Data Management
Sailpoint IdentityNow
Sailpoint IIQ
SecurityIQ
Salesforce Salesforce
Sangfor Sangfor NGAF
SAP SAP
Saviynt Saviynt
Secomea Secomea
SecureAuth SecureAuth IDP
SecureAuth Login
SecureLink SecureLink
SecureNet SecureNet
SecurEnvoy SecurEnvoy Multi-Factor Authentication
Semperis Semperis DSP
SentinelOne Event Viewer - Sentinelone
Scalyr
Singularity Platform
Vigilance
ServiceNow ServiceNow
Shibboleth Shibboleth
Siemens Siemens Access Control
SIGSCI SIGSCI
Silverfort Silverfort Authentication Platform
SiteMinder Symantec SiteMinder
Skyformation Skyformation
Skyhigh Security Secure Web Gateway
Skyhigh CASB
Skyhigh Security Cloud
SkySea SkySea ClientView
Slack Slack
SmartSuite SmartSuite
Snort Snort
Snowflake Snowflake
Sophos Sophos Endpoint Protection
Sophos UTM
Sophos XG Firewall
Sophos XGS Firewall
Sophos ZTNA
Splunk Splunk ES
Splunk Stream
Squid Squid
StealthBits StealthIntercept
SunOne SunOne
Suricata Suricata
Swift Swift
Swimlane Swimlane Turbine
Swivel Swivel
Symantec Symantec Advanced Threat Protection
Symantec CloudSOC
Symantec Content Analysis System
Symantec DLP
Symantec Email Security
Symantec Endpoint Protection
Symantec VIP
Symantec Web Security Service
Synology NAS Synology NAS
Sysdig Sysdig Monitor
Tanium Tanium Cloud Platform
Tanium Core Platform
Tanium Integrity Monitor
Tanium Threat Response
Tenable Tenable Cloud Security
Tenable Identity Exposure
Tenable Vulnerability Management
Tenable Web App Scanning
Teradata Teradata RDBMS
Tessian Tessian Cloud Email Security
ThoughtSpot ThoughtSpot
ThreatBlockr ThreatBlockr
Trellix Trellix Central Management
Trellix Database Security
Trellix DLP Endpoint
Trellix Email Security
Trellix Endpoint Security
Trellix Endpoint Security (HX)
Trellix ePolicy Orchestrator
Trellix Helix
Trellix Network Security (NX)
Trellix Network Security Platform
Trellix Web MPS
Trend Micro Apex One
Deep Discovery Inspector
Deep Security
OfficeScan
TippingPoint NGIPS
Trend Micro ScanMail
Vision One
Tripwire Enterprise Tripwire Enterprise
TXOne Networks StellarOne
StellarProtect
Tyco CCURE Building Management System
Ubiquiti Unifi Access Point
Unix Auditbeat
rsyslog
Unix
Unix Auditd
Unix dhcpd
Unix Named
Unix Sendmail
Varonis Varonis Data Security Platform
VBCorp VBCorp
Vectra Vectra Cognito Detect
Veeam Veeam
Venafi TLS Protect
Virtru Virtru
Visma Megaflex
VMware Carbon Black App Control
Carbon Black CES
Carbon Black EDR
vCenter
VMware AirWatch
VMware ESXi
VMware Horizon
VMware Identity Manager
VMware NSX
VMware VeloCloud SD-WAN
VMware View
Vormetric Vormetric
Wallix Wallix Bastion
Watchguard Watchguard
Weblogin Weblogin
Wiz Wiz
Workday Workday
xPLAN xPLAN
XPS XPS
Zeek Zeek
Zero Networks Zero Networks
ZeroFox ZeroFox Protection
Zimperium Zimperium MTD
Zoom Zoom
Zscaler FW Zscaler Cloud
Zscaler Breach Predictor
Zscaler Deception
Zscaler Internet Access
Zscaler Private Access
Zyxel Networks Zyxel USG FLEX