System Integrations

Introduction  With 1Password Business, you can send your account activity to your security infor...

Introduction  Elastic Stack security features can be configured to authenticate users through Ac...

Introduction  The Windows integration allows you to monitor the Windows OS, services, applicatio...

1Password Events Reporting Integration Manual With 1Password Business, you can forward account a...

What are API token scopes? Scopes define what actions an API token is allowed to perform in Atla...

Overview The AWS Integration enables the collection of logs and metrics from your Amazon Web Ser...

The Azure Logs integration enables you to collect logs from specific Azure services such as: ...

Cisco Meraki provides a centralized cloud management platform for devices like MX Security Applia...

Introduction Cisco Secure Endpoint is a cloud-delivered, advanced endpoint detection and respons...

Introduction Cisco Umbrella is a cloud-delivered security platform that provides an additional l...

Introduction Cloudflare logs provide detailed insights into client connections, request paths th...

Integrating Digital Guardian (DG) with AQUILA for security log ingestion typically involves expor...

Please follow these instructions: Step 1: Log in to your Fortinet FortiGate Admin portal and n...

Purpose This document explains, in a clear and practical way, how to locate GitLab log files on ...

Google Workspace Integration Overview The Google Workspace integration collects and parses...

Overview Host Isolation Exception allows isolated endpoints to maintain connectivity to specific...

Overview Host isolation exceptions (also called endpoint isolation exclusions) are configurable ...

Overview This integration with Microsoft Office 365 supports the ingestion of user, administrato...

Mimecast Integration Guide Integrate Mimecast with your security platform via API to collect ema...

Overview The Nginx Integration provides comprehensive monitoring and observability for Nginx ser...

This integration is for ingesting Audit Trail logs and fetching performance, tablespace and sysme...

Please find below the instructions required to set up this integration: To configure PostgreSQL ...

Overview The Salesforce integration enables you to monitor your Salesforce instance. Salesforce ...

Overview With the OAuth 2.0 JWT bearer token flow, the client posts a JWT to the Salesforce OAut...

Auth0 Integration Guide Integrate Auth0 to ingest identity-related logs such as login attempts, ...

Outlook Add-in for Microsoft 365 Overview AQUILA – SNIFF & Detect is a custom integration app...

This integration collects syslog messages from SonicWall firewalls. It has been tested with Enhan...

Purpose This document outlines the procedure to integrate Varonis DatAlert or DatAdvantage with ...

Overview This page explains how to get started monitoring the security posture of your cloud ass...

This manual explains how to get started monitoring the security posture of your Azure CSP using t...

Authentication To use this CSPM Google Cloud Platform (GCP) integration, you need to set up a ...

This Google Cloud integration collects and analyzes a wide range of logs and metrics to provide c...

Introduction  The Bitbucket integration collects audit logs from the audit log files or the audi...

Introduction  The Bitbucket integration collects audit logs from the audit log files or the audi...

STEP 1: Enable APIs You’ll need access to one of the following APIs: Cloud Identity API (fo...

JumpCloud Intoduction JumpCloud allows you to automate user account creation and syncing withou...

OneLogin (via SCIM)  Introduction:  OneLogin gives users the ability to access the applications...

To automatically fetch user accounts into Azure (e.g., for Azure Active Directory / Microsoft Ent...

To automatically fetch user accounts into Okta without needing to manually import them, you shoul...

Introduction  The AWS CloudTrail integration allows you to monitor AWS CloudTrail  Reference: h...

Introduction  The Amazon GuardDuty integration collects and parses data from Amazon GuardDuty Fi...

Introduction  This document shows information related to AWS Integration.   The AWS integration...

Introduction  The AWS Security Hub integration collects and parses data from AWS Security Hub RE...

The Application Insights Integration allows users to collect metrics from Azure Application Insig...

Overview The Application Insights Integration allows users to retrieve application insights metr...

 Here are the necessary steps to resolve the issue. Step 1: Go to your Azure Portal and log in...

Introduction This document shows information related to Azure Active Directory Integration.The A...

BitDefender GravityZone supports SIEM integration using "push notifications", which are JSON mess...

Overview The Bitwarden integration allows users to monitor collections, events, groups, members ...

How to Configure Windows Event Forwarding for User Awareness Cato Networks’ User...

To fully integrate the Cato Networks API with the Elastic Stack (ELK Stack), you can follow this ...

1. Overview Cato Networks is a cloud-native Secure Access Service Edge (SASE) platform that conv...

To integrate Cisco AMP for Endpoints (now part of Cisco Secure Endpoint) with Elastic, follow the...

Method 1: Using GUI Configure log forwarding Sign in to the Meraki Dashboard with adminis...

Introduction  Cisco Meraki offers a centralized cloud management platform for all Meraki devices...

Login to Cisco Meraki Dashboard: Go to the Meraki Dashboard and log in with your credentials...

Overview The Cisco Nexus integration allows users to monitor Errors and System Messages. The Cis...

The Cisco Email Security Appliance (ESA) integration is a comprehensive solution for managing and...

Authentication  The Secure Endpoint API requires access via an authenticated and authorized acco...

Introduction  Secure Endpoint offers cloud-delivered, advanced endpoint detection and response a...

Introduction  Cisco Umbrella is a cloud security platform that provides an additional line of de...

Introduction  Cloudflare integration uses Cloudflare's API to retrieve audit logs and traffic lo...

Steps to Get Client ID and Client Secret in CrowdStrike Falcon Log in to the Falcon Console ...

Introduction  This integration is for CrowdStrike products. It includes the following datasets f...

Introduction This guide explains how to send security alerts from CrowdStrike Falcon to your Sec...

Get started with CSPM for AWS Overview This page explains how to get started monitoring t...

Custom Windows Event Logs Collect and parse logs from any Windows event log channel with Elastic...

Go to > Cyber Incident Monitoring

Configure the Vault to Forward syslog Messages to PTA The system logger of the Vault must be con...

Requirements You Must Have Why You Need It Elastic Agent installed ...

Introduction  Connecting Dropbox  Use the Workplace Search Dropbox connector to automatically c...

Log in to SonicWall UI Open a web browser Go to your SonicWall’s IP (e.g., https://192.168....

Step 1: Install rsyslog1. Open terminal.2. Run the following commands: sudo apt update sudo apt...

ESET PROTECT allows you to efficiently manage ESET products across workstations and servers withi...

ESET Threat Intelligence provides advanced, real-time insights into global cybersecurity threats,...

Introduction  This document shows information related to F5 Integration.   The F5 BIG-IP integr...

Method 1: Network logs forwarding The Network logs forwarding page ("Settings" > "System Setti...

Introduction  This integration is for Fortinet FortiGate logs sent in the syslog format.  Pre...

Introduction This guide will walk you through setting up Rsyslog for log forwarding between a cl...

Go to the Google Cloud Console. Navigate to IAM. Click on "IAM & Admin" in the left...

Please refer to these instructions to enable Cloud Asset API. To enable the Cloud Asset API fo...

Setup Log Sink Using Google Cloud Console Navigate to "Logging" > "Log Router" > "Create Sin...

This Google Cloud integration collects and analyzes a wide range of logs and metrics to provide c...

Introduction  The GitHub integration collects events from the GitHub API.  https://docs.g...

GitHub Integration The GitHub integration collects events from the GitHub API. Logs Audit The...

GitHub Integration Introduction Elastic’s GitHub integration allows you to ingest GitHub logs, ...

Introduction  Introduced in GitLab Starter 8.4. Support for Amazon Elasticsearch was introduced ...

Requirements   To integrate with Google Cloud Platform (GCP), you need to set up the following: ...

Introduction  Google Workspace (formerly G Suite) is a suite of cloud computing, productivity an...

Introduction This guide explains how to protect your website using Cloudflare Web Application Fi...

Access the App Open Outlook and check the apps panel to ensure Sniff & Detect is listed an...

Introduction  The JumpCloud integration allows you to monitor events related to the JumpCloud Di...

To create a JSON Web Token (JWT) for Salesforce on Kali Linux, you can follow the steps below. Ka...

Log Forwarder EventLog Analyzer's Syslog Forwarder transmits logs from various sources to a dest...

Microsoft Office 365 integration currently supports user, admin, system, and policy actions...

Summary of Actions Required: Register an app in Microsoft Entra ID and configure API permissions...

1. Overview This report outlines the key differences, advantages, disadvantages, and recomme...

The Microsoft SQL Server integration package allows you to search, observe, and visualize the SQL...

Introduction  The Mimecast integration collects events from the Mimecast API.  Assumpti...

Introduction  This integration is used to fetch logs and metrics from MongoDB.  Assumpt...

How to Send Logs to a Remote Syslog Server Summary: This article briefly describes how to confi...

Introduction  The Okta integration collects events from the Okta API, specifically reading from ...

Palo Alto Cortex XDR Integration Using the Cortex XDR APIs, you can integrate Cortex XDR with th...

Introduction This guide outlines how to configure Syslog filters on Palo Alto Networks firewalls...

Configure Syslog Monitoring STEP 1 - Configure a Syslog server profile.  Select Device-->...

Why Whitelist in Office 365? Whitelisting ensures the CyTech - AQUILA Phishing Simulation(PS) Mo...

Introduction  This integration is for Pulse Connect Secure.  https://www.ivanti.com/pro...

The Azure Resource Manager (ARM) endpoint is the primary entry point for interacting with the Azu...

The SentinelOne integration collects and parses data from SentinelOne REST APIs. This integration...

SonarQube Introduction SonarQube is a self-hosted or cloud-enabled tool that scans source code ...

Qualys VMDR Integration Guide  Integrate Qualys Vulnerability Management, Detection and Response...

Introduction  Slack is used by numerous organizations as their primary chat and collaboration to...

Overview The Sophos Central integration allows you to monitor Alerts and Events logs. Sophos Cen...

Introduction  The Sysmon for Linux integration allows you to monitor the Sysmon for Linux, which...

Introduction  The System integration allows you to monitor servers, personal computers, and more...

Remote File Copy via TeamViewer   Identifies an executable or script file remotely downloaded vi...

This integration periodically fetches logs and metrics from vSphere vCenter servers.   Compatibi...

Whitelist Cisco IronPort (ESA) for CyTech – AQUILA Phishing Simulation Why Whitelist in Cisco Ir...

Why Whitelist in Office 365? Whitelisting ensures the CyTech - AQUILA Phishing Simulation(PS) Mo...

Introduction Windows Event Forwarding (WEF) allows the collection of event logs from multiple Wi...

Overview This PowerShell script forwards Windows event logs to a Linux server using the syslog p...

Introduction  This integration is for Zscaler Internet Access logs. It can be used to receive lo...