Supported event sources

This table lists the information systems from which the SIEM receives events. Normalization rules have been developed for each listed source.

| Vendor | Product | Version | Connection type | Normalization rule ID |
|---|---|---|---|---|
| AhnLab | Absolute Data and Device Security (DDS) | - | Universal CEF | RV-N-243 |
| AhnLab | AhnLab Malware Defense System (MDS) | - | Universal CEF | RV-N-243 |
| Apache | Apache HTTP Server | 2 | Syslog (access), Syslog (error) | RV-N-231, RV-N-232 |
| Atlassian | Confluence | 8, 9 | Syslog | RV-N-237 |
| Atlassian | Jira | - | Syslog | RV-N-238, RV-N-239 |
| Avigilon | Avigilon Access Control Manager (ACM) | - | Universal CEF | RV-N-243 |
| Ayehu | Ayehu eyeShare | - | Universal CEF | RV-N-243 |
| Barracuda | Barracuda Networks NG Firewall | - | Universal CEF | RV-N-243 |
| BeyondTrust | BeyondInsight | - | Universal CEF | RV-N-243 |
| BeyondTrust | Privilege Management Console | - | Universal CEF | RV-N-243 |
| BI.ZONE | BI.ZONE EDR | - | Kafka | RV-N-213, RV-N-214, RV-N-215, RV-N-216 |
| BIND | BIND DNS | 9.9 | Syslog | RV-N-188 |
| Bloombase | Bloombase StoreSafe | - | Universal CEF | RV-N-243 |
| BMC | BMC CorreLog | - | Universal CEF | RV-N-243 |
| Bricata | Bricata ProAccel | - | Universal CEF | RV-N-243 |
| Brinqa Risk | Brinqa Risk Analytics | - | Universal CEF | RV-N-243 |
| Broadcom | Symantec Advanced Threat Protection (ATP) | - | Universal CEF | RV-N-243 |
| Broadcom | Symantec Endpoint Protection Mobile | - | Universal CEF | RV-N-243 |
| Broadcom | Symantec Threat Hunting Center | - | Universal CEF | RV-N-243 |
| Check Point | Check Point Endpoint Security | - | Syslog | RV-N-248 |
| Check Point | Check Point Harmony Endpoint | - | Syslog | RV-N-248 |
| Cisco | Cisco ASA | - | Syslog | RV-N-197 |
| Cisco | Cisco IOS | 12–15 | Syslog | RV-N-244 |
| Cisco | NetFlow | 9 | Syslog | RV-N-197 |
| Cisco | Cisco Secure Email Gateway (SEG) | - | Universal CEF | RV-N-243 |
| Cisco | Cisco Secure Firewall Management Center | - | Universal CEF | RV-N-243 |
| Claroty | Claroty Continuous Threat Detection | - | Universal CEF | RV-N-243 |
| ClickHouse | ClickHouse | - | DB | RV-N-193 |
| CloudPassage | CloudPassage Halo | - | Universal CEF | RV-N-243 |
| Corvil | Corvil Network Analytics | - | Universal CEF | RV-N-243 |
| Cribl | Cribl Stream | - | Universal CEF | RV-N-243 |
| CrowdStrike | Falcon Host | - | Universal CEF | RV-N-243 |
| CyberArk | Privileged Threat Analytics (PTA) | - | Universal CEF | RV-N-243 |
| DeepInstinct | DeepInstinct | - | Universal CEF | RV-N-243 |
| Delinea | Delinea Secret Server | - | Universal CEF | RV-N-243 |
| Digital Guardian | Digital Guardian Endpoint Threat Detection | - | Universal CEF | RV-N-243 |
| Dragos | Dragos Platform | - | Universal CEF | RV-N-243 |
| EclecticIQ | EclecticIQ Intelligence Center | - | Universal CEF | RV-N-243 |
| Edge Technologies | Edge Technologies AppBoard and enPortal | - | Universal CEF | RV-N-243 |
| Efros | Efros DefOps NAC | - | Syslog | RV-N-261 |
| ESET | ESET PROTECT | - | Universal CEF | RV-N-243 |
| F5 | BIG-IP Advanced Firewall Manager (AFM) | - | Universal CEF | RV-N-243 |
| FFRI | FFRI yarai | - | Universal CEF | RV-N-243 |
| FireEye | FireEye CM Series | - | Universal CEF | RV-N-243 |
| FireEye | FireEye Malware Protection System | - | Universal CEF | RV-N-243 |
| Forcepoint | Forcepoint NGFW | - | Universal CEF | RV-N-243 |
| Forcepoint | Forcepoint SMC | - | Universal CEF | RV-N-243 |
| Fortinet | FortiSOAR | - | Universal CEF | RV-N-243 |
| FreeIPA | FreeIPA | 3, 4 | Syslog | RV-N-206, RV-N-207, RV-N-208, RV-N-209 |
| Gigamon | Gigamon GigaVUE | - | Universal CEF | RV-N-243 |
| Hewlett Packard Enterprise | Aruba ClearPass | - | Universal CEF | RV-N-243 |
| IBM | IBM InfoSphere Guardium | - | Universal CEF | RV-N-243 |
| IETF | IPFIX | - | Netflow | RV-N-302 |
| Illumio | Policy Compute Engine (PCE) | - | Universal CEF | RV-N-243 |
| Imperva | Imperva Incapsula | - | Universal CEF | RV-N-243 |
| Imperva | Imperva SecureSphere | - | Universal CEF | RV-N-243 |
| InfoWatch | InfoWatch Traffic Monitor | 3 | DB | RV-N-198 |
| Intralinks | Intralinks VIA | - | Universal CEF | RV-N-243 |
| Kaspersky | Kaspersky CyberTrace | - | Syslog | RV-N-182 |
| Kaspersky | Kaspersky Secure Mail Gateway | - | Syslog | RV-N-184 |
| Kaspersky | Kaspersky Security Center | 14 | DB MS SQL, DB MySQL (MariaDB), DB PostgreSQL, Syslog CEF | RV-N-183 |
| Lieberman Software | Enterprise Random Password Manager (ERPM) | - | Universal CEF | RV-N-243 |
| Lighttpd | Lighttpd | 2.4 | Syslog | RV-N-231, RV-N-232 |
| Linux | Linux Auth | - | Syslog | RV-N-220 |
| MariaDB | MariaDB | 5–12 | Syslog | RV-N-236 |
| Microsoft | Active Directory Federation Services | 2008–2022 | R-Vision EVO Endpoint | RV-N-247 |
| Microsoft | DHCP Server | 2008–2022 | R-Vision EVO Endpoint | RV-N-245 |
| Microsoft | Exchange | 2008–2022 | R-Vision EVO Endpoint | RV-N-263, RV-N-264 |
| Microsoft | Hyper-V | - | R-Vision EVO Endpoint | RV-N-228 |
| Microsoft | IIS | 2008–2022 | Agent | RV-N-230 |
| Microsoft | Microsoft SQL Server | 2008–2022 | DB (query log), R-Point EVO Agent (audit) | RV-N-192 |
| Microsoft | Windows Sysmon | 2008–2022 | Agent | RV-N-211 |
| Microsoft | Windows PowerShell | 2008–2022 | Agent | RV-N-218 |
| Microsoft | Windows Security | 2008–2022 | Agent | RV-N-222 |
| Microsoft | Windows System | 2008–2022 | Agent | RV-N-228 |
| MongoDB | MongoDB | 8 | Syslog | RV-N-293 |
| NetIQ | NetIQ Identity Manager | - | Universal CEF | RV-N-243 |
| NetScout | NetScout Systems nGenius Performance Manager | - | Universal CEF | RV-N-243 |
| Netskope | Cloud Access Security Broker (CASB) | - | Universal CEF | RV-N-243 |
| Netwrix | Netwrix Auditor | - | Universal CEF | RV-N-243 |
| Nexthink | Nexthink Engine | - | Universal CEF | RV-N-243 |
| Nginx | Nginx | - | Syslog | RV-N-234 |
| NIKSUN | NIKSUN NetDetector | - | Universal CEF | RV-N-243 |
| One Identity | One Identity Privileged Access Management (PAM) | - | Universal CEF | RV-N-243 |
| OpenVPN | OpenVPN | 2.4, 2.6 | Syslog | RV-N-225, RV-N-226 |
| OpenVPN | OpenVPN Access Server | - | Syslog | RV-N-227 |
| PagerDuty | PagerDuty | - | Universal CEF | RV-N-243 |
| Palo Alto | Cortex Data Lake | - | Universal CEF | RV-N-243 |
| Palo Alto | PAN-OS | - | Universal CEF | RV-N-243 |
| Penta Security | WAPPLES | - | Universal CEF | RV-N-243 |
| Positive Technologies | PT Application Firewall | 3 | Syslog (audit), Syslog (attack) | RV-N-199, RV-N-200 |
| Positive Technologies | PT Application Firewall | 4 | Syslog | RV-N-190 |
| Positive Technologies | PT Sandbox | - | Syslog | RV-N-288 |
| Positive Technologies | PT Network Attack Discovery | - | Syslog | RV-N-203 |
| PostgreSQL | PostgreSQL | 14, 17 | Syslog | RV-N-189 |
| Progress | Kemp LoadMaster | - | Universal CEF | RV-N-243 |
| Proofpoint | Proofpoint Insider Threat Management | - | Universal CEF | RV-N-243 |
| Recorded Future | Intelligence Cloud Platform | - | Universal CEF | RV-N-243 |
| Red Hat | Linux Auditd | - | Syslog | RV-N-187, RV-N-186, RV-A-2 |
| ReversingLabs | ReversingLabs N1000 Appliance | - | Universal CEF | RV-N-243 |
| R-Vision | R-Vision TDP | - | Syslog | RV-N-287 |
| R-Vision | Universal CEF connector | CEF v.26 | Universal CEF | RV-N-243 |
| SailPoint Technologies | SailPoint IdentityIQ | - | Universal CEF | RV-N-243 |
| SentinelOne | SentinelOne | - | Universal CEF | RV-N-243 |
| Thales eSecurity | Vormetric Data Security Manager | - | Universal CEF | RV-N-243 |
| ThreatConnect | Threat Intelligence Platform | - | Universal CEF | RV-N-243 |
| ThreatQuotient | ThreatQuotient | - | Universal CEF | RV-N-243 |
| TrapX Security | DeceptionGrid | - | Universal CEF | RV-N-243 |
| Trend Micro | Trend Micro Control Manager | - | Universal CEF | RV-N-243 |
| Trend Micro | Trend Micro Deep Security | - | Universal CEF | RV-N-243 |
| Trend Micro | Trend Micro NGFW | - | Universal CEF | RV-N-243 |
| Trustwave | Trustwave DbProtect | - | Universal CEF | RV-N-243 |
| Varonis Systems | DatAdvantage | - | Universal CEF | RV-N-243 |
| Veeam Software | Veeam Backup & Replication | 11 | R-Vision EVO Endpoint | RV-N-246 |
| Veriato | Veriato 360 | - | Universal CEF | RV-N-243 |
| VMware | VMware Carbon Black EDR | - | Universal CEF | RV-N-243 |
| VMware | VMware ESXi | 6–8 | Syslog | RV-N-179 |
| VMware | VMware Horizon | 8.10 | Syslog | RV-N-295 |
| VMware | VMware vCenter Server | 6–8 | Syslog | RV-N-180 |
| Votiro | Votiro Disarmer for Windows | - | Universal CEF | RV-N-243 |
| Webroot | Webroot BrightCloud | - | Universal CEF | RV-N-243 |
| Zabbix | Zabbix | - | DB | RV-N-260 |
| Zettaset | BDEncrypt | - | Universal CEF | RV-N-243 |
| Zscaler | Zscaler Nanolog Streaming Service (NSS) | - | Universal CEF | RV-N-243 |
| 1С-Битрикс | Битрикс24 | - | DB (MySQL) | RV-N-307 |
| АйТи Бастион | СКДПУ НТ | - | Universal CEF | RV-N-191, RV-N-243 |
| Гарда Технологии | Гарда WAF | 2.4 | DB (PostgreSQL) | RV-N-223 |
| ИнфоТеКС | ViPNet IDS NS | 3.10 | Syslog CEF | RV-N-281 |
| ИнфоТеКС | ViPNet TIAS | 3.10 | Syslog CEF | RV-N-283 |
| Код Безопасности | Secret Net Studio | 8 | DB (audit), DB (sec events) | RV-N-109, RV-N-201, RV-N-202 |
| Код Безопасности | Континент | 3.9.3 | Syslog | RV-N-266 |
| Пассворк | Пассворк | - | Syslog | RV-N-224 |
| СёрчИнформ | СёрчИнформ КИБ | - | Universal CEF | RV-N-243 |
| Солар | Solar Dozor | 7, 8 | Syslog | RV-N-219 |
