List of supported sources

This table lists the information systems from which the SIEM receives events. Normalization rules have been developed for the listed sources.

Vendor | Product | Version | Class | Connection type | Normalization rule ID | Comment

R-Vision

Universal CEF

-

-

Syslog

RV-N-18

Normalization rule for collecting and processing events in ArcSight CEF format.

Used for all sources in the list whose connection type is "Universal CEF".

Битрикс24

24

Application

DB(MySQL)

RV-N-3

Предприятие

8.3

ERP

R-Vision Endpoint agent

Script

RV-N-1

RV-N-2

АйТи Бастион

СКДПУ НТ Мониторинг и аналитика

-

PAM

Universal CEF

RV-N-18

Астра

ALD Pro

2.0.0

LDAP

Syslog

RV-N-38

RV-N-39

RV-N-40

RV-N-41

Астра

Astra Linux

1.7

OS

R-Vision Endpoint agent

RV-N-57

Атом Безопасность

StaffCop

5.5

DLP

Syslog CEF

RV-N-118

Гарда

Гарда Монитор (NDR)

4

NDR

Syslog CEF

RV-N-163

Гарда

Гарда DBF

5

DBF

Syslog CEF

RV-N-138

Гарда

Гарда DLP

1.0

DLP

Syslog

RV-N-171

Гарда

Гарда WAF

2.4

WAF

DB (PostgreSQL)

RV-N-144

ИнфоТеКС

ViPNet IDS NS

3.10

IDS

Syslog CEF

RV-N-145

ИнфоТеКС

ViPNet TIAS

3.10

TI (IDS Center)

Syslog CEF

RV-N-146

Конфидент

Dallas Lock ЕЦУ

2

AM

Syslog

DB (PostgreSQL)

RV-N-133

RV-N-135

Конфидент

Dallas Lock СБ

  • 8

  • 10

AM

Syslog

DB (MSSQL)

RV-N-134

RV-N-135

Открытая Мобильная Платформа

Аврора Центр

5

Application

DB(PostgreSQL)

RV-N-162

Ред Софт

RedOS

7

OS

R-Vision Endpoint agent

RV-N-57

Сайберпик

Спектр

3.5

Syslog CEF

RV-N-141

Солар

Solar Dozor

7

8

DLP

Syslog

RV-N-113

Солар

Solar inRights

3

IDM

Syslog

RV-N-114

Солар

Solar webProxy

4.1

DLP

Syslog

RV-N-115

RV-N-116

AhnLabs

Absolute Data and Device Security (DDS)

-

DLP

Universal CEF

RV-N-18

AhnLabs

AhnLab Malware Defense System (MDS)

-

Sandbox

Universal CEF

RV-N-18

Altex Soft

RedCheck Scanner

2.9

VM

Syslog

RV-N-104

Apache

Cassandra

4.1

DB

Syslog

RV-N-6

Apache

HTTP-server

2

Web

R-Vision Endpoint agent

Syslog

RV-N-7

RV-N-8

Apple

MacOS

  • 10

  • 11

OS

R-Vision Endpoint agent

RV-N-9

RV-N-174

Atlassian

Confluence

8

Business

Syslog

RV-N-10

RV-N-11

Atlassian

Jira

  • 9

  • 10

Business

Syslog

RV-N-12

RV-N-13

Avigilon

Avigilon Access Control Manager (ACM)

-

ACM

Universal CEF

RV-N-18

AVSoft

Athena

1.4

Sandbox

Syslog

RV-N-4

Ayehu

Ayehu eyeShare

-

ITSM

Universal CEF

RV-N-18

Barracuda

Barracuda Networks NG Firewall

-

NGFW

Universal CEF

RV-N-18

BeyondTrust

BeyondTrust BeyondInsight

-

PAM

Universal CEF

RV-N-18

BeyondTrust

BeyondTrust Privilege Management Console

-

PAM

Universal CEF

RV-N-18

BIND

BIND DNS

9.9

Application

Syslog

RV-N-14

RV-N-15

RV-N-16

RV-N-17

RV-N-142

Bloombase

Bloombase StoreSafe

-

Application

Universal CEF

RV-N-18

BMC

BMC CorreLog

-

SIEM

Universal CEF

RV-N-18

Bricata

Bricata ProAccel

-

IPS

Universal CEF

RV-N-18

Brinqa Risk

Brinqa Risk Analytics

-

ROC (Risk Operation Center)

Universal CEF

RV-N-18

Broadcom

Broadcom Symantec Advanced Threat Protection (ATP)

-

TP

Universal CEF

RV-N-18

Broadcom

Broadcom Symantec Endpoint Protection Mobile

-

AV

Universal CEF

RV-N-18

Broadcom

Broadcom Symantec Threat Hunting Center

-

TH

Universal CEF

RV-N-18

Canonical

Ubuntu

  • 1804

  • 2004

  • 2204

  • 2404

OS

R-Vision Endpoint agent

RV-N-57

Check Point

Firewall

R80+

NGFW

Syslog CEF

RV-N-19

Check Point

Gaia

R80+

OS

Syslog

RV-N-20

Cisco

ASA

  • 8.4

  • 9

FW

Syslog

RV-N-22

Cisco

IOS

  • 12

  • 13

  • 14

  • 15

Network

Syslog

RV-N-24

Cisco

IOS XE

17

Network

Syslog

RV-N-25

Cisco

IOS XR

24

Network

Syslog

RV-N-26

Cisco

Nexus

10.1

Network

Syslog

RV-N-27

Cisco

Secure Email Gateway (SEG)

-

GW

Universal CEF

RV-N-18

Cisco

Secure Firewall Management Center

-

MC

Universal CEF

RV-N-18

Cisco

FirePower

  • 6

  • 7

IPS

Syslog

RV-N-23

Cisco

IPFIX

v10

Network

Netflow

RV-N-87

Cisco

Netflow v5

v5

Network

Netflow

RV-N-86

Cisco

Netflow v9

v9

Network

Netflow

RV-N-88

Citrix

NetScaler

  • 13

  • 14

Gateway

Syslog

RV-N-28

Citrix

Virtual App and Desktops (VAD)

7

VDI

Syslog

RV-N-29

RV-N-30

Citrix

XenApp

7

HV

DB(MSSQL)

RV-N-127

Claroty

Claroty Continuous Threat Detection

-

TP

Universal CEF

RV-N-18

ClickHouse

ClickHouse

  • 23

  • 24

  • 25

DB

DB(ClickHouse)

RV-N-31

CloudPassage

CloudPassage Halo

-

TP

Universal CEF

RV-N-18

Corvil

Corvil Network Analytics

-

Application

Universal CEF

RV-N-18

Cribl

Cribl Stream

-

Application

Universal CEF

RV-N-18

CrowdStrike

Falcon Host

-

SOC Application

Universal CEF

RV-N-18

CyberArk

CyberArk Privileged Threat Analytics (PTA)

-

TP

Universal CEF

RV-N-18

Debian

Debian

  • 10

  • 11

  • 12

OS

R-Vision Endpoint agent

RV-N-57

DeepInstinct

DeepInstinct

-

VM

Universal CEF

RV-N-18

Delinea

Delinea Secret Server

-

Vault

Universal CEF

RV-N-18

Digital Guardian

Digital Guardian Endpoint Threat Detection

-

TD

Universal CEF

RV-N-18

DistKontrol

DistKontrolUSB

5

SW

Syslog

RV-N-32

Dragos

Dragos Platform

-

TD

Universal CEF

RV-N-18

EclecticIQ

EclecticIQ Intelligence Center

-

TD

Universal CEF

RV-N-18

Edge Technologies

Edge Technologies AppBoard and enPortal

-

Application

Universal CEF

RV-N-18

Eltex

ESR

1.18

GW

Syslog

RV-N-33

Eltex

MES

1.28

SW

Syslog

RV-N-34

Eltex

vESR

1.18

GW

Syslog

RV-N-33

ESET

ESET Protect

-

AV

Universal CEF

RV-N-18

F5

Big-IP Advanced Firewall Manager (AFM)

-

FW Manager

Universal CEF

RV-N-18

FFR yarai

FFRI

-

AV

Universal CEF

RV-N-18

FireEye

FireEye CM Series

-

CMS

Universal CEF

RV-N-18

FireEye

FireEye Malware Protection System

-

AV

Universal CEF

RV-N-18

Forcepoint

Forcepoint NGFW

-

NGFW

Universal CEF

RV-N-18

Forcepoint

Forcepoint SMC

-

SMC

Universal CEF

RV-N-18

Fortinet

Fortigate

  • 6.4

  • 7.2

  • 7.4

NGFW

Syslog

RV-N-37

Fortinet

Fortinet FortiSOAR

-

SOAR

Universal CEF

RV-N-18

FreeIPA

FreeIPA

  • 3

  • 4

Application

Syslog

RV-N-38

RV-N-39

RV-N-40

RV-N-41

Gigamon

Gigamon GigaVUE

-

Application

Universal CEF

RV-N-18

Gitlab

Gitlab

  • 17

  • 18

Application

Syslog

RV-N-42

HAProxy

HAProxy

2.4

Application

Syslog

RV-N-44

Hewlett Packard Enterprise

Aruba ClearPass

-

Application

Universal CEF

RV-N-18

Hewlett Packard Enterprise

ArubaOS-CX

-

Switch

Syslog

RV-N-43

Hewlett Packard Enterprise

ProCurve

-

SW

Syslog

RV-N-132

Huawei

USG

5

NGFW

Syslog

RV-N-172

IBM

IBM InfoSphere Guardium

-

Application

Universal CEF

RV-N-18

Illumio

Illumio Policy Compute Engine (PCE)

-

Application

Universal CEF

RV-N-18

Imperva

Imperva Incapsula

-

AntiDDoS

Universal CEF

RV-N-18

Imperva

Imperva SecureSphere

-

SecurityPlatform

Universal CEF

RV-N-18

Infotecs

ViPNet Coordinator

4

NGFW

Syslog

RV-N-46

InfoWatch

Traffic Monitor

3

DLP

DB

RV-N-45

Intralinks

Intralinks VIA

-

Application

Universal CEF

RV-N-18

JetBrains

TeamCity

  • 2023

  • 2024

Application

Syslog

RV-N-47

RV-N-48

RV-N-136

Juniper

JunOS

  • 21

  • 23

NGFW

Syslog

RV-N-49

Kaspersky

Kaspersky Anti Targeted Attack (KATA)

7

Sandbox

Syslog

RV-N-50

Kaspersky

Kaspersky CyberTrace

5

AV

Syslog

RV-N-166

Kaspersky

Kaspersky Secure Mail Gateway

2.1

AV

Syslog CEF

RV-N-18

Kaspersky

Kaspersky Security Center

14

AV

DB MS SQL

DB MySQL (MariaDB)

DB PostgreSQL

Syslog CEF

RV-N-51

RV-N-130

Kaspersky

Kaspersky Web Traffic Security

6.1

AV

Syslog

RV-N-52

Kubernetes

Kubernetes

1.18

Application

Vector

RV-N-53

RV-N-54

Lieberman

Lieberman Application ERPM

-

Vault

Universal CEF

RV-N-18

Lighttpd

Lighttpd

2.4

Web

Syslog

RV-N-160

RV-N-161

Mattermost

Mattermost

9

Application

Syslog

RV-N-129

Microsoft

Active Directory Domain Services

2008–2022

Application

R-Vision Endpoint agent

RV-N-147

Microsoft

Active Directory Web Services

2008–2022

Application

R-Vision Endpoint agent

RV-N-58

Microsoft

DHCP Server

2008–2022

Application

R-Vision Endpoint agent

RV-N-59

Microsoft

DNS Server

2008–2022

Application

R-Vision Endpoint agent

RV-N-60

RV-N-61

RV-N-62

Microsoft

Exchange

2019

Application

R-Vision Endpoint agent

RV-N-63

Microsoft

Microsoft IIS

2008–2022

WEB

R-Vision Endpoint agent

RV-N-64

Microsoft

Microsoft WMI

-

OS

WMI

RV-N-126

Microsoft

SQL Server

2008–2022

DB

DB

R-Vision Endpoint agent

RV-N-69

RV-N-70

Microsoft

System Center Configuration Manager

-

Application

R-Vision Endpoint agent

RV-N-65

RV-N-66

RV-N-67

Microsoft

System Center Operations Manager

-

Application

R-Vision Endpoint agent

RV-N-68

Microsoft

Terminal Services

-

Application

R-Vision Endpoint agent

RV-N-78

Microsoft

Windows AppLocker

-

OS

R-Vision Endpoint agent

RV-N-72

Microsoft

Windows Bits

-

OS

R-Vision Endpoint agent

RV-N-73

Microsoft

Windows PowerShell

-

OS

R-Vision Endpoint agent

RV-N-74

Microsoft

Windows Security

-

OS

R-Vision Endpoint agent

RV-N-157

Microsoft

Windows Sysmon

-

OS

R-Vision Endpoint agent

RV-N-76

Microsoft

Windows TaskScheduler

-

OS

R-Vision Endpoint agent

RV-N-77

Microsoft

Windows Terminal Service Gateway

-

Application

R-Vision Endpoint agent

RV-N-79

Microsoft

Windows WinRM

-

OS

R-Vision Endpoint agent

RV-N-71

Mikrotik

Router OS

  • 6

  • 7

SW/Router/FW

Syslog

RV-N-80

MongoDB

MongoDB

  • 7

  • 8

DB

Syslog

RV-N-81

Netgate

pfSense

  • 2.7

  • 2.8

Application

Syslog

RV-N-164

NetIQ

NetIQ Identity Manager

-

IM

Universal CEF

RV-N-18

NetScout

NetScout Systems nGenius Performance Manager

-

Application

Universal CEF

RV-N-18

Netskope

Cloud Access Security Broker

-

Application

Universal CEF

RV-N-18

Netwrix

Netwrix Auditor

-

Application

Universal CEF

RV-N-18

Nextcloud

Nextcloud

  • 26

  • 27

  • 28

  • 29

Application

Syslog

RV-N-167

Nexthink

Nexthink Engine

-

Application

Universal CEF

RV-N-18

Nginx

Nginx

  • 1.26

  • 1.27

  • 1.28

Web

R-Vision Endpoint agent

Syslog

RV-N-84

RV-N-85

RV-N-139

NIKSUN

NIKSUN NetDetector

-

Application

Universal CEF

RV-N-18

One Identity

One Identity Privileged Session Management

-

PAM

Universal CEF

RV-N-18

OpenBao

OpenBao

2.1

Application

Syslog

RV-N-89

OpenVPN

OpenVPN

  • 2.4

  • 2.6

VPN

Syslog

RV-N-90

RV-N-91

OpenVPN

OpenVPN Access Server

2

Application

Syslog

RV-N-165

Oracle

MySQL

8

DB

Syslog

DB(MySQL)

RV-N-82

RV-N-83

Oracle

OracleDB

21

DB

Syslog

RV-N-92

Orion Soft

zVirt (oVirt)

4

Virtualization

DB (PostgreSQL)

RV-N-158

PagerDuty

PagerDuty

-

Application

Universal CEF

RV-N-18

Palo Alto

Palo Alto Cortex Data Lake

-

Application

Universal CEF

RV-N-18

Palo Alto

Palo Alto Networks PANOS

-

Application

Universal CEF

RV-N-18

Passbolt

Passbolt

4

Vault

Syslog

RV-N-93

Passwork

Passwork

-

Vault

Syslog CEF

RV-N-94

Penta Security

WAPPLES

-

WAF

Universal CEF

RV-N-18

Positive Technologies

Application Firewall

3

WAF

Syslog

RV-N-95

RV-N-96

Positive Technologies

Application Firewall

4

WAF

Syslog

RV-N-97

Positive Technologies

Industrial Security Incident Manager

5

NTA (for the ICS segment)

Syslog

RV-N-159

Positive Technologies

Network Attack Discovery

-

NTA

Syslog

RV-N-128

Positive Technologies

Sandbox

4

Sandbox

Syslog

RV-N-98

PostgreSQL

PostgreSQL

  • 14

  • 17

DB

Syslog

RV-N-100

Progress

Kemp LoadMaster

-

Application

Universal CEF

RV-N-18

Proofpoint

Proofpoint Insider Threat Management

-

TD

Universal CEF

RV-N-18

Proxmox

Proxmox Virtual Environment

8

HV

Syslog

RV-N-101

R-Vision

R-Vision SOAR

-

IM

Syslog

RV-N-131

R-Vision

R-Vision TDP

-

TDP

Syslog

RV-N-102

R-Vision

R-Vision TIP

-

TIP

Syslog CEF

RV-N-103

Recorded Future

Threat Intelligence Platform

-

TIP

Universal CEF

RV-N-18

Red Hat

Ansible Tower

v3

Application

Syslog

RV-N-5

Red Hat

AWX

24

Application

Syslog

RV-N-5

Linux

Linux Auditd

-

OS

R-Vision Endpoint agent

Syslog

RV-N-55

RV-N-56

RV-ET-2

RV-A-1

Red Hat

Red Hat Enterprise Linux

  • 7

  • 8

  • 9

OS

R-Vision Endpoint agent

RV-N-57

Redis

Redis Enterprise DB

7.2

DB

Syslog

RV-N-105

ReversingLabs

ReversingLabs N1000 Appliance

-

Application

Universal CEF

RV-N-18

Rocky Foundation

Rocky Linux

  • 8

  • 9

  • 10

OS

R-Vision Endpoint agent

RV-N-57

S-Terra

S-Terra Gate

4.3

VPN

Syslog

RV-N-106

SailPoint

SailPoint IdentityIQ

-

IDM

Universal CEF

RV-N-18

SberTech

Platform V Pangolin SE

6

DB

Syslog

RV-N-107

Searchinform

Searchinform DLP

-

DLP

Universal CEF

RV-N-18

Security Code

Континент

4

NGFW

Syslog

RV-N-112

Security Code

SecretNet Studio

8

ACM

DB (MSSQL)

RV-N-109

RV-N-110

Security Code

SecretNet Studio LSP

1.12

ACM

Syslog

RV-N-108

SentinelOne

SentinelOne

-

EDR

Universal CEF

RV-N-18

Squid

Squid

  • 6

  • 7

Proxy

Syslog

RV-N-117

Suricata

Suricata

  • 7

  • 8

Application

Syslog

RV-N-140

ThreatConnect

Threat Intelligence Platform

-

TIP

Universal CEF

RV-N-18

ThreatQuotient

ThreatQuotient

-

Application

Universal CEF

RV-N-18

TrapX

DeceptionGrid

-

Deception

Universal CEF

RV-N-18

Trend Micro

Trend Micro Control Manager

-

Application

Universal CEF

RV-N-18

Trend Micro

Trend Micro Deep Security

-

Application

Universal CEF

RV-N-18

Trend Micro

Trend Micro NGFW

-

NGFW

Universal CEF

RV-N-18

Trustwave

Application Security DbProtect

-

WAF

Universal CEF

RV-N-18

Usergate

Usergate NGFW

6

NGFW

Syslog

RV-N-35

Usergate

Usergate UTM

6

UTM

Syslog

RV-N-36

Varonis

DatAdvantage

-

Data Protection

Universal CEF

RV-N-18

Veeam

Veeam Backup

11

Backup

R-Vision Endpoint agent

RV-N-122

Veriato

Veriato 360

-

UEBA

Universal CEF

RV-N-18

VMware

VMware Carbon Black EDR

-

EDR

Universal CEF

RV-N-18

VMware

VMware ESXi

  • 6

  • 7

HV

Syslog

RV-N-119

VMware

VMware Horizon

7.8

HV

Syslog

RV-N-120

VMware

VMware vCenter

  • 6

  • 7

HV

Syslog

RV-N-121

Vormetric

Vormetric Data Security Manager

-

SMC

Universal CEF

RV-N-18

Votiro

Votiro Disarmer for Windows

-

Application

Universal CEF

RV-N-18

Webroot

Webroot BrightCloud

-

Application

Universal CEF

RV-N-18

Xello

Xello Deception

5.5

Honeypot

Syslog CEF

RV-N-143

Zabbix

Zabbix

  • 6

  • 7

Application

DB (PostgreSQL)

RV-N-124

Zeek

Traffic Parser

4

Application

Syslog

RV-N-125

Zettaset

BDEncrypt

-

DBF

Universal CEF

RV-N-18

Zscaler

Zscaler Nanolog Streaming Service (NSS)

-

Application

Universal CEF

RV-N-18