Supported Devices/Products Matrix

Data ingestion

The following matrix shows the products currently supported by Fluency SIEM, along with the type of data ingress/integration.

Vendor	Product	API	Https (HEC)	Syslog	Misc	Date Updated
Acronis	Cyber Protect Cloud	Y*				2023-Jul
Avatier	AIMS			Y
Avanan	Email Security				* via AWS-S3
AWS	CloudTrail	Y
	CloudWatch Logs	Y
	CloudWatch Metrics	*			PureCloudOps
Barracuda	Firewall			Y
Bitdefender	GravityZone		Y*
BlackBerry	CylancePROTECT	Y				2023-Jul
Broadcom	Symantec EPC	Y
Cisco	ASA			Y
	AMP		Y
	Defense Orch. (CDO)			Y*
	ISE		Y
	FTD (Firepower)		Y
	Meraki	Y*		Y
	Umbrella(OpenDNS)				Cisco-managed S3
Citrix	NetScaler			Y		2021-Oct
Check Point	Firewall (NGFW)			Y
	Sandblast			Y
Coro	Cybersecurity		Y		2023-Sep
CrowdStrike	Falcon EDR	Y
Darktrace	Darktrace	Y*
Digital Defense	Frontline VM	Y*
Duo Security	Audit API	Y
EdgeCast	Firewall (CDN)				* via AWS-S3
EclecticIQ	-			Y
FireEye	ETP (email)	Y
	HX (endpoint)	Y
Fortinet	FortiAnalyzer			Y
	Fortigate NGFW			Y
	Foritnet Cloud	-
Frontline	Vulnerability Mgmt	Y*
Google	G-Suite (Workspace)	Y			Audit API
Imperva	Incapsula	Y*			via AWS-S3
Infoblox	DNS			Y
Linux	Syslog			Y	audispd / sshd
	dnsmasq (DNS)			Y	via rsyslog
McAfee	Web Gateway			Y
	MVision	Y*
	ePO			Y
Microsoft	Office365 (M365)	Y			Multiple APIs
	Azure EventHub	Y
	Azure AD Audit	Y
	Defender	Y			Defender Cloud / ATP
	Windows EventLog			Y	* via NXLog agent
	Windows LDAP				* requires local collector
Mimecast	Email Security			Y
Okta	Audit API	Y
PaloAlto	Firewall (NGFW)			Y
	Cortex XDR			Y
	GlobalProtect VPN			Y
Peplink	Router/Firewall	Y*		Y	w/ InControl API
Ping Identity	PingFederate			Y
Proofpoint	Email Security	Y*
Qualys	Cloud Plateform	Y*
Salesforce	Event Monitoring	Y*			2023-Oct
SentinelOne	EDR	Y		Y
	CloudFunnel				* via AWS-S3	2023-Jun
	Ranger	-
Seraphic	Browser Security	Y				2023-Nov
SonicWall	Firewall (NGFW)			Y		2022-Mar
Sophos	EDR	Y*
	Firewall			Y		2021-Dec
Tainium	Endpoint Security	Y*
Tenable	Vulnerability Mgmt	Y*			Tenable.io
Trellix	Endpoint Security	Y*
Trend Micro	Apex Central			Y
	Deep Security			Y		2022-Jan
	Worry-Free Security	-			no method available
VMware	Carbon Black	Y
	Carbon Black PSC	Y
Zix	Email Security	Y*
Zoom	Video Conferencing	Y*

Syslog	Data Source (not listed above)			Y	*new parser upon request

"*": Supported, but not enabled by default. Please contact Fluency Support to enable this integration for your instance.

Use the following link to: Create a Support Ticket

Event Notification

The following matrix shows the products currently supported by Fluency SIEM for event/notification export.

Vendor	API	Webhook	Misc
Email			SIEM Alert Export
Slack	Y		SIEM Alert Export
PagerDuty	Y	Y	SIEM Alert Export

Page last updated: 2023 Nov 14

Supported Devices/Products Matrix

Data ingestion​

Event Notification​

Data ingestion

Event Notification