Advanced Search
Search Results
215 total results found
AQUILA User Guide
Welcome to the AQUILA User Guide!We’re glad to have you on board. This guide is your complete resource for understanding and using AQUILA with confidence. Inside, you’ll find step-by-step instructions, helpful tips, and detailed explanations of each feature — ...
AQUILA NG SIEM
Welcome to the AQUILA NG SIEM Agent-Based and Agentless Integration Guide!This guide is designed to help you understand and implement both agent-based and agentless integrations with ease. Whether you’re deploying local agents for deeper system visibility or c...
AQUILA - Integration Manual
Welcome to the AQUILA Integration Manual!We’re excited to have you here as you begin connecting AQUILA with your systems and tools. This guide is designed to walk you through every step of the integration process — from initial setup and configuration to advan...
FAQ's
Welcome to the AQUILA FAQ section — your quick reference for common questions and answers across AQUILA’s features and integrations. Here, you’ll find helpful information covering setup, configuration, troubleshooting, and best practices to make the most of yo...
System Integrations
Can't find your integration? No worries, if your desired integration isn't listed, you can create a support ticket and let us know what you need. Our team will check your request and get back to you with updates or alternatives. Tip: Share details like the i...
Log Collector FAQs
These are FAQs related to the installation of the CyTech Log Collector.
Phishing Simulation FAQs
O365 FAQs
Log Collector Installations
Set up and configure the AQUILA Log Collector with ease to ensure accurate and secure log collection across all your sources. Whether deployed in an agent-based or agentless environment, AQUILA helps you centralize data, enhance visibility, and simplify troubl...
Cyber Monitoring
Gain complete visibility and control over your digital environment with AQUILA’s advanced cyber monitoring capabilities. From real-time threat detection to continuous anomaly tracking, AQUILA empowers your team to stay ahead of risks across networks, endpoints...
Cyber Governance
Strengthen your organization’s security posture with AQUILA’s comprehensive cyber governance capabilities. Define clear policies, maintain compliance, and ensure accountability across both agent-based and agentless environments. AQUILA empowers you to build a ...
Cyber Compliance
Achieve and maintain compliance effortlessly with AQUILA’s intelligent cybersecurity framework. Streamline management, automate reporting, and ensure alignment with industry and regulatory standards across agent-based, agentless, or hybrid environments. AQUILA...
Risk Management
Take control of your organization’s cybersecurity risks with AQUILA’s intelligent risk management capabilities. Monitor threats in real time, prioritize vulnerabilities, and strengthen your overall defense posture. With AQUILA, you can build a proactive and re...
Identity Security
Protect and manage user identities with confidence using AQUILA’s advanced identity security capabilities. Control access, detect identity-based threats, and enforce strong authentication policies across both agent-based and agentless environments. AQUILA help...
Data Security
Safeguard your organization’s most valuable information with AQUILA’s powerful data protection capabilities. From monitoring data flow to preventing unauthorized access, AQUILA empowers you to maintain confidentiality, integrity, and compliance across every en...
Agent-less Integration
Integrate AQUILA seamlessly across your infrastructure without installing local agents. Using secure network connections and APIs, AQUILA collects data, monitors activity, and delivers real-time insights with minimal system impact. Simplify deployment, reduce ...
Agent-based Integration
AQUILA EDR Installation
Deploy and configure the AQUILA Endpoint Detection and Response (EDR) solution quickly and efficiently. Whether using an agent-based setup for deep endpoint visibility or an agentless approach for simplified management, AQUILA ensures a smooth installation pro...
CRAM™ Onboarding Guide
User guide for Onboarding CRAM
Common Encountered Issues
Microsoft 365
Microsoft Office 365 integration currently supports user, admin, system, and policy actions and events from Office 365 and Azure AD activity logs exposed by the Office 365 Management Activity API. Procedures To perform the setup, please confirm that y...
Cyber Incident Monitoring Integration Procedure
Go to > Cyber Incident Monitoring
GitHub
Introduction The GitHub integration collects events from the GitHub API. https://docs.github.com/en/rest?apiVersion=2022-11-28 Logs Audit The GitHub audit log records all events related to the GitHub organization. To use this integratio...
Sysmon for Linux
Introduction The Sysmon for Linux integration allows you to monitor the Sysmon for Linux, which is an open-source system monitor tool developed to collect security events from Linux environments. Use the Sysmon for Linux integration to collect logs from li...
1 Password Integrations
Introduction With 1Password Business, you can send your account activity to your security information and event management (SIEM) system, using the 1Password Events API. Get reports about 1Password activity, such as sign-in attempts and item usage, while y...
Add Windows Integrations
Introduction The Windows integration allows you to monitor the Windows OS, services, applications, and more. https://docs.microsoft.com/ Use the Windows integration to collect metrics and logs from your machine. Then visualize that data i...
Atlassian Bitbucket Integrations
Introduction The Bitbucket integration collects audit logs from the audit log files or the audit API. Reference: https://developer.atlassian.com/server/bitbucket/reference/rest-api/ Assumptions The procedures described in Section 3 assume tha...
AWS Cloudtrails Integrations
Introduction The AWS CloudTrail integration allows you to monitor AWS CloudTrail Reference: https://aws.amazon.com/cloudtrail/ Use the AWS CloudTrail integration to collect and parse logs related to account activity across your AWS infrastructure. Then ...
AWS GuardDuty Integrations
Introduction The Amazon GuardDuty integration collects and parses data from Amazon GuardDuty Findings REST APIs. The Amazon GuardDuty integration can be used in three different modes to collect data: HTTP REST API - Amazon GuardDuty pushes logs d...
AWS Security Hub Integrations
Introduction The AWS Security Hub integration collects and parses data from AWS Security Hub REST APIs. Assumptions The procedures described in Section 3 assumes that a Log Collector has already been setup. Compatibility This module ...
AWS Integrations
Introduction This document shows information related to AWS Integration. The AWS integration is used to fetch logs and metrics from Amazon Web Services. The usage of the AWS integration is to collect metrics and logs across many AWS services managed by ...
CISCO Meraki Integrations
Introduction Cisco Meraki offers a centralized cloud management platform for all Meraki devices such as MX Security Appliances, MR Access Points and so on. Its out-of-band cloud architecture creates secure, scalable, and easy-to-deploy networks that can be m...
CISCO Secure Endpoint Integrations
Introduction Secure Endpoint offers cloud-delivered, advanced endpoint detection and response across multidomain control points to rapidly detect, contain, and remediate advanced threats. Assumptions The procedures described in Section 3 assume tha...
CISCO Umbrella Integrations
Introduction Cisco Umbrella is a cloud security platform that provides an additional line of defense against malicious software and threats on the internet by using threat intelligence. That intelligence helps prevent adware, malware, botnets, phishing attac...
Cloudflare Integration
Introduction Cloudflare integration uses Cloudflare's API to retrieve audit logs and traffic logs from Cloudflare, for a particular zone, and ingest them into Elasticsearch. This allows you to search, observe and visualize the Cloudflare log events through E...
Crowdstrike Integrations
Introduction This integration is for CrowdStrike products. It includes the following datasets for receiving logs: falcon dataset consists of endpoint data and Falcon platform audit data forwarded from Falcon SIEM Connector. fdr dataset consists of logs f...
Dropbox Integrations
Introduction Connecting Dropbox Use the Workplace Search Dropbox connector to automatically capture, sync and index the following items from your Dropbox service: Stored Files Including ID, File Metadata, File Content, Updated by, and timestamps. Dro...
F5 Integrations
Introduction This document shows information related to F5 Integration. The F5 BIG-IP integration allows users to monitor LTM, AFM, APM, ASM, and AVR activity. F5 BIG-IP covers software and hardware designed around application availability, access control...
Fortinet-Fortigate Integrations
Introduction This integration is for Fortinet FortiGate logs sent in the syslog format. Pre-requisite: Configure syslog on FortiGate From the GUI: Log into FortiGate. Select Log & Report to expand the menu. Select Log Settings. Toggle Send ...
GitLab Integrations
Introduction Introduced in GitLab Starter 8.4. Support for Amazon Elasticsearch was introduced in GitLab Starter 9.0. This document describes how to set up Elasticsearch with GitLab. Once enabled, you'll have the benefit of fast search response times and t...