Supported Data Sources
Interset 5.6.0 supports the following data sources. For .csv data sources, the delimiter can be customized.
- Active Directory
- Active Directory event logs stored in Splunk®
- Active Directory event logs stored in HP Arcsight Logger
- Active Directory event logs stored in McAfee® Enterprise Security Manager (ESM)
- Active Directory event logs stored in IBM QRadar
- Windows Security event logs (.csv)
- Interset-extracted Windows event logs (.csv)
- Universal Windows event logs (.csv)
- Windows Event Viewer-extracted event logs (.csv)
- Universal authentication logs
- Universal Alerts stored in third-party DLP systems (.csv)
- NetFlow
- Version 5
- Version 9
- Version 10 (IPFIX)
- Repository
- Perforce
- P4AUDIT logs
- Perforce Structured Server audit logs
- GitHub Enterprise audit logs
- Universal repository logs (.csv)
- Pluggable Authentication Module (PAM) AuditD logs (.csv)
- Printer logs
- Windows printer events stored in Splunk
- Windows event logs (.csv)
- Universal logs (.csv)
- Universal Web Proxy (.csv)
- Endpoint data
- Violations
- Expense Data
- Email Data
Comments