
Supported Log Source Types

The following log source types are currently supported by Axon.

A10 Networks

  • A10 Next Gen WAF

Akamai

  • Akamai CEF
  • Security Events

Amazon Web Services (AWS)

  • Amazon AppFlow
  • Amazon DynamoDB
  • Amazon ElastiCache
  • Amazon Inspector
  • Amazon Kinesis
  • Amazon OpenSearch Service
  • Amazon Relational Database Service
  • Amazon S3 Glacier
  • Amazon Simple Email Service
  • Amazon Simple Notification Service
  • Amazon Simple Queue Service Config
  • Amazon Simple Storage Service (Amazon S3)
  • Amazon Virtual Private Cloud
  • Amazon WorkDocs
  • Amazon Application Discovery Service
  • Application Migration Service
  • Athena
  • Batch
  • Certificate Manager
  • Certificate Manager Private Certificate Authority
  • Cloud Map
  • Cloud9
  • CloudFormation
  • CloudHSM
  • Data Lifecycle Manager
  • DataSync
  • Detective
  • Elastic Beanstalk
  • Elastic Container Registry
  • Elastic Container Service
  • Elastic Kubernetes Service
  • Elastic Load Balancing
  • Firewall Manager
  • GuardDuty
  • IAM Identity Center
  • Identity and Access Management
  • IoT Analytics
  • IoT Events
  • Key Management Service
  • Lambda
  • License Manager
  • MongoDB
  • Outposts
  • Redshift
  • Resource Access Manager
  • Resource Groups
  • Route 53
  • Secrets Manager
  • Security Hub
  • Security Token Service
  • Shield
  • Simple Workflow Service
  • Storage Gateway
  • Transit Gateway
  • Web Application Firewall

Apache

  • Airflow

Arista

  • Switch

Aruba

  • Switch

BeyondTrust 

  • Privileged Remote Access

BlackBerry

  • Cylance Events

Broadcom

  • Symantec DLP
  • Symantec Manager Cloud

CyberArk

  • Vault

Check Point Firewall

  • Check Point Firewall
  • Check Point Firewall Legacy

Cisco

  • Adaptive Security Appliance (ASA)
  • Cisco IOS (Internetwork Operating System)
  • Cisco Meraki
  • Cisco Secure Endpoint
  • Cisco Secure Web
  • DUO (Cisco Secure Access)
  • FirePower Threat Defense (FTD)
  • Identity Services Engine (ISE)
  • Meraki Cloud
  • Secure Access Control Server
  • Umbrella
  • Wireless

Cloudflare

  • Cloudflare

CrowdStrike

  • Falcon Events
  • Falcon Replicator

Darktrace

  • Darktrace

Digital Shadows

  • Searchlight

Dragos

  • Dragos

F5 Big-IP

  • APM Streaming Telemetry
  • AFM Streaming Telemetry
  • ASM Streaming Telemetry
  • F5 BIG IP APM
  • F5 BIG IP TMM
  • LTM Streaming Telemetry
  • System

FireEye

  • Web Malware Protection System™ (MPS)

Forcepoint

  • Forcepoint Cloud Access Security Broker (CASB)
  • Secure Web Gateway (CEF)

Fortinet

  • FortiGate Firewall
  • FortiGate Firewall v7
  • FortiAnalyzer
  • FortiAuthenticator
  • FortiNAC

Google

  • Gmail Message Tracking
  • Google Cloud Audit
  • Google Security Command Center (SCC)
  • Google Workspace AlertCenter
  • Google Workspace

Internet Information Services

  • IIS W3C

Imperva Incapsula

  • Imperva Cloud Web Application Firewall (Incapsula)
  • Imperva Incapsula via Syslog

IronNet

  • IronDefense

Jamf

  • Jamf Pro

Juniper

  • Junos
  • SSL VPN

LogRhythm

  • Axon Bypass 
  • Axon NDR 
  • Axon Audit
  • Axon Agent

Linux

  • Linux Audit
  • Linux OS

ManageEngine

  • Privileged Access Management (PAM360)

Mimecast 

  • Email Security
  • Mimecast Leef

McAfee

  • ePO - OnPrem

Microsoft

Azure

  • Active Directory
  • Active Directory Identity Protection 
  • Activity - Administrative
  • Activity - Alert
  • Activity - Autoscale
  • Activity - Policy
  • Activity - Recommendation
  • Activity - Resource Health
  • Activity - Security
  • Activity - Service Health
  • API Management
  • Application Gateway
  • Automation
  • Backup
  • Database for MySQL
  • Database for PostgreSQL
  • Databricks
  • Data Explorer
  • Data Factory
  • Data Lake Analytics
  • Data Lake Storage
  • DDoS Protection
  • DevOps Services
  • Event Hub
  • Firewall
  • Front Door
  • IoT Hub
  • Key Vault
  • Load Balancer
  • Network Security Groups
  • Security Alerts
  • Service Bus
  • SQL
  • Web Application Firewall

Microsoft Active Directory Federated Service

  • Microsoft ADFS

Office 365 Message Tracking

  • M365 Threat Management
  • Office 365 Management Activity
  • Office 365 Message Tracking

PowerShell

  • PowerShell

Sysmon for Windows

  • Sysmon for Windows

Windows

  • Active Directory Domain Service
  • Application
  • Defender
  • Defender Advanced Hunting
  • DNS Server
  • Group Policy
  • Security
  • System
  • Windows Management Instrumentation

Netskope

  • Netskope

Netmon

  • Netmon

NGINX

  • NGINX

Okta

  • Okta

OneLogin

  • OneLogin

Oracle 

  • Cloud Infrastructure Audit

Palo Alto

  • Next-Gen Firewall
  • Cortex Data Lake
  • Cortex XDR
  • Prisma Cloud

Proofpoint

  • Targeted Attack Protection (TAP)

Qualys

  • File Integrity Monitoring (FIM)

RSA

  • SecurID Cloud

Recorded Future

  • Recorded Future

SAP

  • SIN LOG SAMPLE SAP Hana

SecureAuth

  • IDP

SentinelOne

  • SentinelOne Cloud Funnel
  • SentinelOne Singularity XDR

Snort

  • Snort

Sophos

  • Sophos Central

Sysdig

  • Sysdig Secure

Tanium

  • Tanium

Trend Micro

  • ApexOne
  • Deep Discovery Director
  • Email Security
  • Trend Micro Cloud App Security

Vault

  • HashiCorp Vault

VMware

  • Carbon Black Cloud
  • Carbon Black App Control
  • vSphere ESXi

Zoom

  • Zoom

Zscaler

  • Zscaler Internet Access (ZIA)
  • Zscaler Internet Access (Syslog)
  • Zscaler Private Access (ZPA)
