Supported event sources

The table below lists the information systems from which the SIEM receives events; a normalization rule exists for every source listed. The "Connection type" column shows how the events are collected (Syslog, the R-Vision Endpoint agent, a direct database query, NetFlow/IPFIX, Vector, WMI, or the Universal CEF connector), and the last column gives the ID of the normalization rule(s) applied to that source. Where a source can be collected in more than one way, all supported connection types and all associated rules are listed.

| Vendor | Product | Version | Class | Connection type | Normalization rule ID |
|---|---|---|---|---|---|
| Absolute Software | Absolute Data and Device Security (DDS) | - | DLP | Universal CEF | RV-N-18 |
| AhnLab | AhnLab Malware Defense System (MDS) | - | Sandbox | Universal CEF | RV-N-18 |
| Apache | Apache Cassandra | 4.1 | DB | Syslog | RV-N-6 |
| Apache | Apache HTTP Server | 2 | Web | R-Vision Endpoint agent, Syslog | RV-N-7, RV-N-8 |
| Apple | macOS | 10, 11 | OS | R-Vision Endpoint agent | RV-N-9, RV-N-174 |
| Atlassian | Confluence | 8 | Business | Syslog | RV-N-10, RV-N-11 |
| Atlassian | Jira | 9, 10 | Business | Syslog | RV-N-12, RV-N-13 |
| Avigilon | Avigilon Access Control Manager (ACM) | - | ACM | Universal CEF | RV-N-18 |
| AV Soft | ATHENA | 1.4 | Sandbox | Syslog | RV-N-4 |
| Ayehu | Ayehu eyeShare | - | ITSM | Universal CEF | RV-N-18 |
| Barracuda | Barracuda Networks NG Firewall | - | NGFW | Universal CEF | RV-N-18 |
| BeyondTrust | BeyondInsight | - | PAM | Universal CEF | RV-N-18 |
| BeyondTrust | Privilege Management Console | - | PAM | Universal CEF | RV-N-18 |
| BIND | BIND DNS | 9.9 | Application | Syslog | RV-N-14, RV-N-15, RV-N-16, RV-N-17, RV-N-142 |
| Bloombase | Bloombase StoreSafe | - | Application | Universal CEF | RV-N-18 |
| BMC | BMC CorreLog | - | SIEM | Universal CEF | RV-N-18 |
| Bricata | Bricata ProAccel | - | IPS | Universal CEF | RV-N-18 |
| Brinqa | Brinqa Risk Analytics | - | ROC (Risk Operation Center) | Universal CEF | RV-N-18 |
| Broadcom | Symantec Advanced Threat Protection (ATP) | - | TP | Universal CEF | RV-N-18 |
| Broadcom | Symantec Endpoint Protection Mobile | - | AV | Universal CEF | RV-N-18 |
| Broadcom | Symantec Threat Hunting Center | - | TH | Universal CEF | RV-N-18 |
| Canonical | Ubuntu | 18.04, 20.04, 22.04, 24.04 | OS | R-Vision Endpoint agent | RV-N-57 |
| Check Point | Check Point Firewall | R80+ | NGFW | Syslog CEF | RV-N-19 |
| Check Point | GAiA | R80+ | OS | Syslog | RV-N-20 |
| Cisco | Cisco ASA | 8.4, 9 | FW | Syslog | RV-N-22 |
| Cisco | Cisco Firepower | 6, 7 | IPS | Syslog | RV-N-23 |
| Cisco | Cisco IOS | 12–15 | Network | Syslog | RV-N-24 |
| Cisco | Cisco IOS XE | 17 | Network | Syslog | RV-N-25 |
| Cisco | Cisco IOS XR | 24 | Network | Syslog | RV-N-26 |
| Cisco | Cisco Nexus | 10.1 | Network | Syslog | RV-N-27 |
| Cisco | Cisco Secure Email Gateway (SEG) | - | GW | Universal CEF | RV-N-18 |
| Cisco | Cisco Secure Firewall Management Center | - | MC | Universal CEF | RV-N-18 |
| Cisco | IPFIX | v10 | Network | NetFlow | RV-N-87 |
| Cisco | NetFlow v5 | v5 | Network | NetFlow | RV-N-86 |
| Cisco | NetFlow v9 | v9 | Network | NetFlow | RV-N-88 |
| Citrix | Citrix NetScaler | 13, 14 | Gateway | Syslog | RV-N-28 |
| Citrix | Citrix Virtual Apps and Desktops (VAD) | 7 | VDI | Syslog | RV-N-29, RV-N-30 |
| Citrix | Citrix XenApp | 7 | HV | DB (MSSQL) | RV-N-127 |
| Claroty | Claroty Continuous Threat Detection | - | TP | Universal CEF | RV-N-18 |
| ClickHouse | ClickHouse | 23–25 | DB | DB (ClickHouse) | RV-N-31 |
| CloudPassage | CloudPassage Halo | - | TP | Universal CEF | RV-N-18 |
| Corvil | Corvil Network Analytics | - | Application | Universal CEF | RV-N-18 |
| Cribl | Cribl Stream | - | Application | Universal CEF | RV-N-18 |
| CrowdStrike | Falcon Host | - | SOC Application | Universal CEF | RV-N-18 |
| CyberArk | Privileged Threat Analytics (PTA) | - | TP | Universal CEF | RV-N-18 |
| Debian | Debian | 10–12 | OS | R-Vision Endpoint agent | RV-N-57 |
| DeepInstinct | DeepInstinct | - | VM | Universal CEF | RV-N-18 |
| Delinea | Delinea Secret Server | - | Vault | Universal CEF | RV-N-18 |
| Digital Guardian | Digital Guardian Endpoint Threat Detection | - | TD | Universal CEF | RV-N-18 |
| DistKontrol | DistKontrolUSB | 5 | SW | Syslog | RV-N-32 |
| Dragos | Dragos Platform | - | TD | Universal CEF | RV-N-18 |
| EclecticIQ | EclecticIQ Intelligence Center | - | TD | Universal CEF | RV-N-18 |
| Edge Technologies | Edge Technologies AppBoard and enPortal | - | Application | Universal CEF | RV-N-18 |
| Eltex | Eltex ESR | 1.18 | GW | Syslog | RV-N-33 |
| Eltex | Eltex MES | 1.28 | SW | Syslog | RV-N-34 |
| Eltex | Eltex vESR | 1.18 | GW | Syslog | RV-N-33 |
| ESET | ESET PROTECT | - | AV | Universal CEF | RV-N-18 |
| F5 | BIG-IP Advanced Firewall Manager (AFM) | - | FW Manager | Universal CEF | RV-N-18 |
| FFRI | FFRI yarai | - | AV | Universal CEF | RV-N-18 |
| FireEye | FireEye CM Series | - | CMS | Universal CEF | RV-N-18 |
| FireEye | FireEye Malware Protection System | - | AV | Universal CEF | RV-N-18 |
| Forcepoint | Forcepoint NGFW | - | NGFW | Universal CEF | RV-N-18 |
| Forcepoint | Forcepoint SMC | - | SMC | Universal CEF | RV-N-18 |
| Fortinet | FortiGate | 6.4, 7.2, 7.4 | NGFW | Syslog | RV-N-37 |
| Fortinet | Fortinet FortiSOAR | - | SOAR | Universal CEF | RV-N-18 |
| FreeIPA | FreeIPA | 3, 4 | Application | Syslog | RV-N-38, RV-N-39, RV-N-40, RV-N-41 |
| Gigamon | Gigamon GigaVUE | - | Application | Universal CEF | RV-N-18 |
| GitLab | GitLab | 17, 18 | Application | Syslog | RV-N-42 |
| HAProxy | HAProxy | 2.4 | Application | Syslog | RV-N-44 |
| Hewlett Packard Enterprise | Aruba ClearPass | - | Application | Universal CEF | RV-N-18 |
| Hewlett Packard Enterprise | ArubaOS-CX | - | Switch | Syslog | RV-N-43 |
| Hewlett Packard Enterprise | ProCurve | - | SW | Syslog | RV-N-132 |
| Huawei | USG | 5 | NGFW | Syslog | RV-N-172 |
| IBM | IBM InfoSphere Guardium | - | Application | Universal CEF | RV-N-18 |
| Illumio | Policy Compute Engine (PCE) | - | Application | Universal CEF | RV-N-18 |
| Imperva | Imperva Incapsula | - | AntiDDoS | Universal CEF | RV-N-18 |
| Imperva | Imperva SecureSphere | - | SecurityPlatform | Universal CEF | RV-N-18 |
| InfoWatch | InfoWatch Traffic Monitor | 3 | DLP | DB | RV-N-45 |
| Intralinks | Intralinks VIA | - | Application | Universal CEF | RV-N-18 |
| JetBrains | TeamCity | 2023, 2024 | Application | Syslog | RV-N-47, RV-N-48, RV-N-136 |
| Juniper | Junos OS | 21, 23 | NGFW | Syslog | RV-N-49 |
| Kaspersky | Kaspersky Anti Targeted Attack (KATA) | 7 | Sandbox | Syslog | RV-N-50 |
| Kaspersky | Kaspersky CyberTrace | 5 | AV | Syslog | RV-N-166 |
| Kaspersky | Kaspersky Secure Mail Gateway (KSMG) | 2.1 | AV | Syslog CEF | RV-N-18 |
| Kaspersky | Kaspersky Security Center | 14 | AV | DB (MS SQL), DB (MySQL/MariaDB), DB (PostgreSQL), Syslog CEF | RV-N-51, RV-N-130 |
| Kaspersky | Kaspersky Web Traffic Security | 6.1 | AV | Syslog | RV-N-52 |
| Kubernetes | Kubernetes | 1.18 | Application | Vector | RV-N-53, RV-N-54 |
| Lieberman Software | Enterprise Random Password Manager (ERPM) | - | Vault | Universal CEF | RV-N-18 |
| Lighttpd | Lighttpd | 2.4 | Web | Syslog | RV-N-160, RV-N-161 |
| Mattermost | Mattermost | 9 | Application | Syslog | RV-N-129 |
| Microsoft | Active Directory Domain Services (AD DS) | 2008–2022 | Application | R-Vision Endpoint agent | RV-N-147 |
| Microsoft | Active Directory Web Services (ADWS) | 2008–2022 | Application | R-Vision Endpoint agent | RV-N-58 |
| Microsoft | AppLocker | - | OS | R-Vision Endpoint agent | RV-N-72 |
| Microsoft | Background Intelligent Transfer Service (BITS) | - | OS | R-Vision Endpoint agent | RV-N-73 |
| Microsoft | DHCP Server | 2008–2022 | Application | R-Vision Endpoint agent | RV-N-59 |
| Microsoft | DNS Server | 2008–2022 | Application | R-Vision Endpoint agent | RV-N-60, RV-N-61, RV-N-62 |
| Microsoft | Exchange | 2019 | Application | R-Vision Endpoint agent | RV-N-63 |
| Microsoft | IIS | 2008–2022 | Web | R-Vision Endpoint agent | RV-N-64 |
| Microsoft | Microsoft SQL Server | 2008–2022 | DB | DB, R-Vision Endpoint agent | RV-N-69, RV-N-70 |
| Microsoft | Sysmon | - | OS | R-Vision Endpoint agent | RV-N-76 |
| Microsoft | System Center Configuration Manager (SCCM) | - | Application | R-Vision Endpoint agent | RV-N-65, RV-N-66, RV-N-67 |
| Microsoft | System Center Operations Manager (SCOM) | - | Application | R-Vision Endpoint agent | RV-N-68 |
| Microsoft | Task Scheduler | - | OS | R-Vision Endpoint agent | RV-N-77 |
| Microsoft | Terminal Services | - | Application | R-Vision Endpoint agent | RV-N-78 |
| Microsoft | Windows Management Instrumentation (WMI) | - | OS | WMI | RV-N-126 |
| Microsoft | Windows PowerShell | - | OS | R-Vision Endpoint agent | RV-N-74 |
| Microsoft | Windows Remote Management (WinRM) | - | OS | R-Vision Endpoint agent | RV-N-71 |
| Microsoft | Windows Security | - | OS | R-Vision Endpoint agent | RV-N-157 |
| Microsoft | Windows Terminal Services Gateway | - | Application | R-Vision Endpoint agent | RV-N-79 |
| MikroTik | RouterOS | 6, 7 | SW/Router/FW | Syslog | RV-N-80 |
| MongoDB | MongoDB | 7, 8 | DB | Syslog | RV-N-81 |
| Netgate | pfSense | 2.7, 2.8 | Application | Syslog | RV-N-164 |
| NetIQ | NetIQ Identity Manager | - | IM | Universal CEF | RV-N-18 |
| NetScout Systems | nGenius Performance Manager | - | Application | Universal CEF | RV-N-18 |
| Netskope | Cloud Access Security Broker (CASB) | - | Application | Universal CEF | RV-N-18 |
| Netwrix | Netwrix Auditor | - | Application | Universal CEF | RV-N-18 |
| Nextcloud | Nextcloud | 26–29 | Application | Syslog | RV-N-167 |
| Nexthink | Nexthink Engine | - | Application | Universal CEF | RV-N-18 |
| Nginx | Nginx | 1.26–1.28 | Web | R-Vision Endpoint agent, Syslog | RV-N-84, RV-N-85, RV-N-139 |
| NIKSUN | NIKSUN NetDetector | - | Application | Universal CEF | RV-N-18 |
| One Identity | One Identity Privileged Access Management (PAM) | - | PAM | Universal CEF | RV-N-18 |
| OpenBao | OpenBao | 2.1 | Application | Syslog | RV-N-89 |
| OpenVPN | OpenVPN | 2.4, 2.6 | VPN | Syslog | RV-N-90, RV-N-91 |
| OpenVPN | OpenVPN Access Server | 2 | Application | Syslog | RV-N-165 |
| Oracle | MySQL | 8 | DB | Syslog, DB (MySQL) | RV-N-82, RV-N-83 |
| Oracle | Oracle Database | 21 | DB | Syslog | RV-N-92 |
| Orion Soft | zVirt (oVirt) | 4 | Virtualization | DB (PostgreSQL) | RV-N-158 |
| PagerDuty | PagerDuty | - | Application | Universal CEF | RV-N-18 |
| Palo Alto Networks | Cortex Data Lake | - | Application | Universal CEF | RV-N-18 |
| Palo Alto Networks | PAN-OS | - | Application | Universal CEF | RV-N-18 |
| Passbolt | Passbolt | 4 | Vault | Syslog | RV-N-93 |
| Penta Security | WAPPLES | - | WAF | Universal CEF | RV-N-18 |
| Positive Technologies | PT Application Firewall | 3 | WAF | Syslog | RV-N-95, RV-N-96 |
| Positive Technologies | PT Application Firewall | 4 | WAF | Syslog | RV-N-97 |
| Positive Technologies | PT Industrial Security Incident Manager | 5 | NTA (ICS segment) | Syslog | RV-N-159 |
| Positive Technologies | PT Network Attack Discovery | - | NTA | Syslog | RV-N-128 |
| Positive Technologies | PT Sandbox | 4 | Sandbox | Syslog | RV-N-98 |
| PostgreSQL | PostgreSQL | 14, 17 | DB | Syslog | RV-N-100 |
| Progress | Kemp LoadMaster | - | Application | Universal CEF | RV-N-18 |
| Proofpoint | Proofpoint Insider Threat Management | - | TD | Universal CEF | RV-N-18 |
| Proxmox Server Solutions | Proxmox Virtual Environment | 8 | HV | Syslog | RV-N-101 |
| Recorded Future | Intelligence Cloud Platform | - | TIP | Universal CEF | RV-N-18 |
| Red Hat | Ansible Tower | v3 | Application | Syslog | RV-N-5 |
| Red Hat | AWX | 24 | Application | Syslog | RV-N-5 |
| Red Hat | Linux Auditd | - | OS | R-Vision Endpoint agent, Syslog | RV-N-55, RV-N-56, RV-ET-2, RV-A-1 |
| Red Hat | Red Hat Enterprise Linux | 7–9 | OS | R-Vision Endpoint agent | RV-N-57 |
| Redis | Redis Enterprise | 7.2 | DB | Syslog | RV-N-105 |
| ReversingLabs | ReversingLabs N1000 Appliance | - | Application | Universal CEF | RV-N-18 |
| Rocky Enterprise Software Foundation | Rocky Linux | 8–10 | OS | R-Vision Endpoint agent | RV-N-57 |
| R-Vision | R-Vision SOAR | - | IM | Syslog | RV-N-131 |
| R-Vision | R-Vision TDP | - | TDP | Syslog | RV-N-102 |
| R-Vision | R-Vision TIP | - | TIP | Syslog CEF | RV-N-103 |
| R-Vision | Universal CEF connector | - | - | Syslog | RV-N-18 |
| SailPoint Technologies | SailPoint IdentityIQ | - | IDM | Universal CEF | RV-N-18 |
| SentinelOne | SentinelOne | - | EDR | Universal CEF | RV-N-18 |
| Squid Software Foundation | Squid | 6, 7 | Proxy | Syslog | RV-N-117 |
| Suricata | Suricata | 7, 8 | Application | Syslog | RV-N-140 |
| Thales eSecurity | Vormetric Data Security Manager | - | SMC | Universal CEF | RV-N-18 |
| ThreatConnect | Threat Intelligence Platform | - | TIP | Universal CEF | RV-N-18 |
| ThreatQuotient | ThreatQuotient | - | Application | Universal CEF | RV-N-18 |
| TrapX Security | DeceptionGrid | - | Deception | Universal CEF | RV-N-18 |
| Trend Micro | Trend Micro Control Manager | - | Application | Universal CEF | RV-N-18 |
| Trend Micro | Trend Micro Deep Security | - | Application | Universal CEF | RV-N-18 |
| Trend Micro | Trend Micro NGFW | - | NGFW | Universal CEF | RV-N-18 |
| Trustwave | Trustwave DbProtect | - | WAF | Universal CEF | RV-N-18 |
| UserGate | UserGate NGFW | 6 | NGFW | Syslog | RV-N-35 |
| UserGate | UserGate UTM | 6 | UTM | Syslog | RV-N-36 |
| Varonis Systems | DatAdvantage | - | Data Protection | Universal CEF | RV-N-18 |
| Veeam Software | Veeam Backup | 11 | Backup | R-Vision Endpoint agent | RV-N-122 |
| Veriato | Veriato 360 | - | UEBA | Universal CEF | RV-N-18 |
| VMware | VMware Carbon Black EDR | - | EDR | Universal CEF | RV-N-18 |
| VMware | VMware ESXi | 6, 7 | HV | Syslog | RV-N-119 |
| VMware | VMware Horizon | 7.8 | HV | Syslog | RV-N-120 |
| VMware | VMware vCenter Server | 6, 7 | HV | Syslog | RV-N-121 |
| Votiro | Votiro Disarmer for Windows | - | Application | Universal CEF | RV-N-18 |
| Webroot | Webroot BrightCloud | - | Application | Universal CEF | RV-N-18 |
| Xello | Xello Deception | 5.5 | Honeypot | Syslog CEF | RV-N-143 |
| Zabbix | Zabbix | 6, 7 | Application | DB (PostgreSQL) | RV-N-124 |
| Zeek | Traffic Parser | 4 | Application | Syslog | RV-N-125 |
| Zettaset | BDEncrypt | - | DBF | Universal CEF | RV-N-18 |
| Zscaler | Zscaler Nanolog Streaming Service (NSS) | - | Application | Universal CEF | RV-N-18 |
| 1С | 1С:Предприятие (1C:Enterprise) | 8.3 | ERP | R-Vision Endpoint agent, Script | RV-N-1, RV-N-2 |
| 1С-Битрикс (1C-Bitrix) | Битрикс24 (Bitrix24) | 24 | Application | DB (MySQL) | RV-N-3 |
| АйТи Бастион (IT Bastion) | СКДПУ НТ | - | PAM | Universal CEF | RV-N-18 |
| АЛТЭКС-СОФТ (ALTEX-SOFT) | RedCheck | 2.9 | VM | Syslog | RV-N-104 |
| Атом Безопасность (Atom Security) | StaffCop | 5.5 | DLP | Syslog CEF | RV-N-118 |
| Гарда Технологии (Garda Technologies) | Гарда DBF | 5 | DBF | Syslog CEF | RV-N-138 |
| Гарда Технологии (Garda Technologies) | Гарда DLP | 1.0 | DLP | Syslog | RV-N-171 |
| Гарда Технологии (Garda Technologies) | Гарда NDR | 4 | NDR | Syslog CEF | RV-N-163 |
| Гарда Технологии (Garda Technologies) | Гарда WAF | 2.4 | WAF | DB (PostgreSQL) | RV-N-144 |
| ИнфоТеКС (InfoTeCS) | ViPNet Coordinator | 4 | NGFW | Syslog | RV-N-46 |
| ИнфоТеКС (InfoTeCS) | ViPNet IDS NS | 3.10 | IDS | Syslog CEF | RV-N-145 |
| ИнфоТеКС (InfoTeCS) | ViPNet TIAS | 3.10 | TI (IDS Center) | Syslog CEF | RV-N-146 |
| Код Безопасности (Security Code) | Secret Net LSP | 1.12 | ACM | Syslog | RV-N-108 |
| Код Безопасности (Security Code) | Secret Net Studio | 8 | ACM | DB (MSSQL) | RV-N-109, RV-N-110 |
| Код Безопасности (Security Code) | Континент (Continent) | 4 | NGFW | Syslog | RV-N-112 |
| Конфидент (Confident) | ЕЦУ Dallas Lock (Dallas Lock unified management center) | 2 | AM | Syslog, DB (PostgreSQL) | RV-N-133, RV-N-135 |
| Конфидент (Confident) | Сервер безопасности Dallas Lock (Dallas Lock security server) | 8, 10 | AM | Syslog, DB (MSSQL) | RV-N-134, RV-N-135 |
| Открытая Мобильная Платформа (Open Mobile Platform) | Аврора Центр (Aurora Center) | 5 | Application | DB (PostgreSQL) | RV-N-162 |
| Пассворк (Passwork) | Пассворк (Passwork) | - | Vault | Syslog CEF | RV-N-94 |
| Ред Софт (RED SOFT) | RedOS | 7 | OS | R-Vision Endpoint agent | RV-N-57 |
| РусБИТех-Астра (RusBITech-Astra) | ALD Pro | 2.0.0 | LDAP | Syslog | RV-N-38, RV-N-39, RV-N-40, RV-N-41 |
| РусБИТех-Астра (RusBITech-Astra) | Astra Linux | 1.7 | OS | R-Vision Endpoint agent | RV-N-57 |
| Сайберпик | Спектр | 3.5 | - | Syslog CEF | RV-N-141 |
| СберТех (SberTech) | Platform V Pangolin SE | 6 | DB | Syslog | RV-N-107 |
| СёрчИнформ (SearchInform) | СёрчИнформ КИБ (SearchInform KIB) | - | DLP | Universal CEF | RV-N-18 |
| Солар (Solar) | Solar Dozor | 7, 8 | DLP | Syslog | RV-N-113 |
| Солар (Solar) | Solar inRights | 3 | IDM | Syslog | RV-N-114 |
| Солар (Solar) | Solar webProxy | 4.1 | DLP | Syslog | RV-N-115, RV-N-116 |
| С-Терра СиЭсПи (S-Terra CSP) | С-Терра Шлюз (S-Terra Gateway) | 4.3 | VPN | Syslog | RV-N-106 |

RV-N-18 is the normalization rule for collecting and processing events in ArcSight CEF format (the "Universal CEF connector" row). It is used for every source in the list whose connection type is Universal CEF, and also for Kaspersky Secure Mail Gateway (KSMG), which is listed with the Syslog CEF connection type. All other Syslog CEF sources (Check Point Firewall, R-Vision TIP, Xello Deception, StaffCop, Гарда DBF, Гарда NDR, ViPNet IDS NS, ViPNet TIAS, Пассворк, Спектр) have dedicated rules, so a source that only emits generic CEF should be onboarded through RV-N-18 rather than through one of those product-specific rules.
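Because the Universal CEF rule (RV-N-18) has to accept whatever a third-party product emits, the usual onboarding failure is a source that produces almost-CEF: an unescaped `|` in the event name shifts every header field, an unescaped `=` in an extension value swallows the next key, and a missing severity field leaves the extension glued to the header. The parser and checker below are an added example written for this page, not R-Vision code and not the implementation behind RV-N-18; the field names, the `validate` rules and the sample lines are the example's own constructions, chosen to exercise the escaping rules of the CEF specification (`\|` and `\\` in the header, `\=`, `\\`, `\n`, `\r` in the extension) and to accept an optional syslog header in front of `CEF:`.

```python
"""Parse and sanity-check ArcSight CEF lines before sending them to a
Universal CEF connector. Added example for this page; it is not R-Vision
code, and the sample lines are constructed, not captured from a device."""
from __future__ import annotations

import re
from dataclasses import dataclass, field

# Constructed samples. Line 1 is bare CEF with an escaped '=' in a value,
# line 2 carries an RFC 3164 syslog header and an escaped '|' in the event
# name, line 3 is deliberately broken (no severity field).
SAMPLE_LINES = [
    r"CEF:0|Example Vendor|Example Firewall|2.0|100|Connection blocked|7|"
    r"src=10.0.0.5 dst=192.0.2.10 spt=51515 dpt=443 msg=Policy deny\=rule 42",
    r"<134>Oct 11 22:14:15 fw01 CEF:0|Example Vendor|Example Firewall|2.0|101|"
    r"Rule hit\|outbound|3|src=10.0.0.5 act=allow msg=line one\nline two",
    r"CEF:0|Example Vendor|Example Firewall|2.0|102|Missing severity|src=10.0.0.5",
]

HEADER_NAMES = ("version", "device_vendor", "device_product", "device_version",
                "signature_id", "name", "severity")
_KEY_RE = re.compile(r"(?:^|\s)([A-Za-z0-9_.]+)=")  # an unescaped 'key=' boundary
_EXT_ESCAPES = {"n": "\n", "r": "\r"}               # any other '\x' stands for 'x'
_SEVERITY_WORDS = {"low", "medium", "high", "very-high"}


@dataclass
class CefEvent:
    header: dict[str, str]
    extension: dict[str, str] = field(default_factory=dict)


def _split_header(body: str) -> tuple[list[str], str]:
    """Split the seven '|'-delimited header fields; '\\|' and '\\\\' are escapes.
    Returns (fields, extension_string)."""
    fields: list[str] = []
    cur: list[str] = []
    i = 0
    while i < len(body):
        ch = body[i]
        if ch == "\\" and i + 1 < len(body):   # escaped char: keep it literally
            cur.append(body[i + 1])
            i += 2
            continue
        i += 1
        if ch != "|":
            cur.append(ch)
            continue
        fields.append("".join(cur))
        cur = []
        if len(fields) == 7:                   # everything after the 7th '|' is extension
            return fields, body[i:]
    if len(fields) == 6 and cur:               # severity present but no trailing '|'
        fields.append("".join(cur))
    return fields, ""


def _parse_extension(ext: str) -> dict[str, str]:
    """Split 'key=value key=value'; values may contain spaces and '\\=' escapes."""
    out: dict[str, str] = {}
    keys = list(_KEY_RE.finditer(ext))
    for m, nxt in zip(keys, keys[1:] + [None]):
        raw = ext[m.end(): nxt.start() if nxt else len(ext)]
        out[m.group(1)] = re.sub(r"\\(.)", lambda e: _EXT_ESCAPES.get(e.group(1), e.group(1)), raw)
    return out


def parse_cef(line: str) -> CefEvent:
    """Parse one CEF line; a syslog prefix before 'CEF:' is skipped."""
    start = line.find("CEF:")
    if start < 0:
        raise ValueError("no 'CEF:' prefix")
    fields, ext = _split_header(line[start + 4:].rstrip("\r\n"))
    if len(fields) != 7:
        raise ValueError(f"expected 7 header fields, got {len(fields)}")
    return CefEvent(dict(zip(HEADER_NAMES, fields)), _parse_extension(ext))


def validate(line: str) -> list[str]:
    """Return the problems that would make a generic CEF rule mis-normalize the line."""
    try:
        ev = parse_cef(line)
    except ValueError as exc:
        return [str(exc)]
    problems = []
    sev = ev.header["severity"]
    if not (sev.isdigit() and int(sev) <= 10) and sev.lower() not in _SEVERITY_WORDS:
        problems.append(f"severity {sev!r} is not 0-10 or Low/Medium/High/Very-High")
    if ev.header["version"] != "0":
        problems.append(f"unsupported CEF version {ev.header['version']!r}")
    for name in ("device_vendor", "device_product", "signature_id", "name"):
        if not ev.header[name]:
            problems.append(f"empty header field {name}")
    return problems


if __name__ == "__main__":
    for sample in SAMPLE_LINES:
        issues = validate(sample)
        print("OK " if not issues else "BAD", sample[:60], issues)
```

Run it against a capture of the real device output (for example the lines a syslog listener received while the product was pointed at it) before creating the Universal CEF connector: a line that `validate` rejects will not land in the expected normalized fields no matter which rule is applied. The checker is deliberately lenient about a missing trailing `|` after the severity, since several products omit it, but strict about the seven header fields and about the severity value, because those are what a generic CEF rule keys on.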
