No. The Fluency server is itself a collector. For larger users with on-prem or private cloud VPCs, we support physical or virtual collectors, but sending data directly to Fluency (upload-to-cloud or cloud-to-cloud) is fully supported for most users.
Yes, Fluency supports Syslog with TLS. This is done on port 6514 TCP. An advantage of a Fluency collector is its ability to upload data securely to the Fluency cloud instance via HTTPS.
JSON-formatted data is preferred, but Fluency can parse many types of data. In fact, Fluency already supports parsers for many commonly seen devices out of the box. In cases where your data format is not supported, Fluency Support will work with you to create a parser.
See the Integration Section for a full list of supported devices.
Yes, Fluency supports a variety of cloud-based APIs via our Plugins. See the Integration Section for a full list.
Yes, Fluency’s design is structured such that we do support streaming data feeds, such as SentinelOne’s Deep Visibility Hermes feeds, directly from their tool. This is in parallel to their syslogs and APIs.
Do we have prebuilt queries/reports/behavioral rules?
Yes. Mention GitHub import.
Fluency support can be reached via email. Slack and MS Teams are other ways to reach us. Please let us know if you would like to be added to our Slack channel.
Yes. Our current API documentation can be found at the following site: https://api.fluencysecurity.com/