From which applications and devices can GFI EventsManager process logs?
The information in this article applies to:
Article ID: KBID003302
Query keywords:
Application, device, EVT, SNMP traps, Syslog, W3C
GFI EventsManager 8 supports 4 types of logs: Windows event logs, W3C format logs, Syslog messages and SNMP traps. GFI EventsManager also supports SQL Server auditing. The following are some of the applications and devices from which GFI EventsManager can collect logs:
| Access / Identity / Policy / Management
|
|
|
Windows events
|
W3C Logs
|
Syslog messages
|
SNMP Traps
|
| CA eTrust SiteMinder (Netegrity)
|
|
|
|
|
| Cisco Access Registrar - RADIUS access policy server
|
|
|
|
|
| Cisco Secure Access Control Server (ACS)
|
|
|
|
|
| IBM Tivoli Access Manager
|
|
|
|
|
| Oracle Access Manager (NetPoint /Oblix)
|
|
|
|
|
| RSA ACE Server / RSA SecurID
|
|
|
|
|
| SecurVantage
|
|
|
|
|
| Anti virus management / security management software
|
|
|
Windows events
|
W3C Logs
|
Syslog messages
|
SNMP Traps
|
| F-Secure Anti Virus
|
|
|
|
|
| McAfee Policy Orchestrator
|
|
|
|
|
| Symantec Enterprise Security Architecture
|
|
|
|
|
| Symantec System Center
|
|
|
|
|
| TrendMicro Control Manager
|
|
|
|
|
| Databases
|
|
|
Windows events
|
W3C Logs
|
Syslog messages
|
SNMP Traps
|
| IBM DB2
|
|
|
|
|
| Microsoft SQL Server
|
|
|
|
|
| MySQL
|
|
|
|
|
| Oracle SQL Server
|
|
|
|
|
| PostgreSQL
|
|
|
|
|
| Data Security
|
|
|
Windows events
|
W3C Logs
|
Syslog messages
|
SNMP Traps
|
| Ingrian DataSecure
|
|
|
|
|
| Tivoli Storage Manager
|
|
|
|
|
| Vormetric Data Security Expert
|
|
|
|
|
| Directory Services
|
|
|
Windows events
|
W3C Logs
|
Syslog messages
|
SNMP Traps
|
| Microsoft Active Directory
|
|
|
|
|
| OpenLDAP
|
|
|
|
|
| DNS \ DHCP Servers
|
|
|
Windows events
|
W3C Logs
|
Syslog messages
|
SNMP Traps
|
| Bind
|
|
|
|
|
| Dhcpd
|
|
|
|
|
| Microsoft DHCP Server
|
|
|
|
|
| Microsoft DNS Server
|
|
|
|
|
| Email Filtering /email server
|
|
|
Windows events
|
W3C Logs
|
Syslog messages
|
SNMP Traps
|
| CypherTrust IronMail
|
|
|
|
|
| Lotus Domino
|
|
|
|
|
| Proventia MailFilter
|
|
|
|
|
| Honeypots
|
|
|
Windows events
|
W3C Logs
|
Syslog messages
|
SNMP Traps
|
| Honeyd
|
|
|
|
|
| ManTrap
|
|
|
|
|
| Symantec Decoy Server
|
|
|
|
|
| Specter
|
|
|
|
|
| IDS /IPS
|
|
|
Windows events
|
W3C Logs
|
Syslog messages
|
SNMP Traps
|
| BlackIce suite
|
|
|
|
|
| Border Guard
|
|
|
|
|
| Cisco IPS 4200 Sensors series (device)
|
|
|
|
|
| Cisco Secure IDS
|
|
|
|
|
| Cisco Security Agent
|
|
|
|
|
| Dragon network sensors (device)
|
|
|
|
|
| Juniper IDP
|
|
|
|
|
| McAfee Entercept
|
|
|
|
|
| McAfee IntruShield (appliance)
|
|
|
|
|
| NFR-NID (sensor)
|
|
|
|
|
| Prelude Hybrid
|
|
|
|
|
| Primary Response
|
|
|
|
|
| Proventia IPS (appliance)
|
|
|
|
|
| RealSecure Server Sensor
|
|
|
|
|
| Snort
|
|
|
|
|
| Sourcefire Intrusion sensor
|
|
|
|
|
| Sourcefire RNA
|
|
|
|
|
| Symantec Critical System Protection
|
|
|
|
|
| Symantec ITA
|
|
|
|
|
| Symantec ManHunt
|
|
|
|
|
| Symantec NetProwler
|
|
|
|
|
| Symantec Network Security 7100
|
|
|
|
|
| TippingPoint IPS (50, 200, 200E, 600E, 1200E, 2400E, 5000E)
|
|
|
|
|
| Integrated security
|
|
|
Windows events
|
W3C Logs
|
Syslog messages
|
SNMP Traps
|
| Juniper Secure Service Gateway SSG 300 series UTM Appliances
|
|
|
|
|
| Sidewinder
|
|
|
|
|
| Cisco IPS 4200 Sensors series (device)
|
|
|
|
|
| SonicWall
|
|
|
|
|
| Mail Servers
|
|
|
Windows events
|
W3C Logs
|
Syslog messages
|
SNMP Traps
|
| Exim
|
|
|
|
|
| Microsoft Exchange Server
|
|
|
|
|
| Netscape Messaging Server
|
|
|
|
|
| Postfix
|
|
|
|
|
| Sendmail
|
|
|
|
|
| Network Behaviour Analysis
|
|
|
Windows events
|
W3C Logs
|
Syslog messages
|
SNMP Traps
|
| PeakFlow
|
|
|
|
|
| StealthWatch
|
|
|
|
|
| Network /devices management
|
|
|
Windows events
|
W3C Logs
|
Syslog messages
|
SNMP Traps
|
| CiscoWorks
|
|
|
|
|
| Juniper NetScreen Security Manager
|
|
|
|
|
| NFR Central Management Server
|
|
|
|
|
| Proventia Management Siteprotector
|
|
|
|
|
| Sourcefire Defense Center
|
|
|
|
|
| Operating Systems
|
|
|
Windows events
|
W3C Logs
|
Syslog messages
|
SNMP Traps
|
| Microsoft Windows 2000 SP4 Operating System to Microsoft Vista and Microsoft 2008 Server
|
|
|
|
|
| Unix \ Linux Distributions
|
|
|
|
|
| Proxy Servers
|
|
|
Windows events
|
W3C Logs
|
Syslog messages
|
SNMP Traps
|
| Microsoft ISA Server
|
|
|
|
|
| Squid
|
|
|
|
|
| Sun Java System Web Proxy
|
|
|
|
|
| Remote Access
|
|
|
Windows events
|
W3C Logs
|
Syslog messages
|
SNMP Traps
|
| PCAnywhere
|
|
|
|
|
| Routers \ Switches \ Firewalls
|
|
|
Windows events
|
W3C Logs
|
Syslog messages
|
SNMP Traps
|
| 3Com 5000 and 6000 families
|
|
|
|
|
| 3Com 4500 and higher series
|
|
|
|
|
| Allied Telesis 8xxx series
|
|
|
|
|
| Allied Telesis AT-AR-700 series
|
|
|
|
|
| Allied Telesis AT-AR400 series
|
|
|
|
|
| Allied Telesis Rapier series
|
|
|
|
|
| Allied Telesis Secure VPN router
|
|
|
|
|
| Allied Telesis SwitchBlade series
|
|
|
|
|
| Astaro Linux Firewall
|
|
|
|
|
| Barracuda
|
|
|
|
|
| CheckPoint FW-1
|
|
|
|
|
| Cisco 2800 series and above
|
|
|
|
|
| Cisco ASA family
|
|
|
|
|
| Cisco Catalyst family
|
|
|
|
|
| Cisco CATOS Switches
|
|
|
|
|
| Cisco IOS Routers
|
|
|
|
|
| Cisco PIX Firewalls
|
|
|
|
|
| CyberGuard TSP Family 1000
|
|
|
|
|
| Dell PowerConnect series
|
|
|
|
|
| HP ProCurve Family
|
|
|
|
|
| HP ProCurve Secure Router
|
|
|
|
|
| Ipchains
|
|
|
|
|
| IPCop
|
|
|
|
|
| Iptables
|
|
|
|
|
| Juniper Networks E-Series
|
|
|
|
|
| Juniper Networks Firewall family
|
|
|
|
|
| Juniper Networks J-Series
|
|
|
|
|
| Juniper Networks M-Series
|
|
|
|
|
| Juniper Networks M-Series
|
|
|
|
|
| Juniper Networks M-Series
|
|
|
|
|
| M0n0wall
|
|
|
|
|
| Netgear ProSafe Layer 2 family
|
|
|
|
|
| Netgear ProSafe Layer 3 family
|
|
|
|
|
| Netgear ProSafe VPN Firewall Router
|
|
|
|
|
| Nokia Checkpoint IPSO Firewall
|
|
|
|
|
| Nortel Secure Router 4134
|
|
|
|
|
| Pf
|
|
|
|
|
| Pfsense
|
|
|
|
|
| Smoothwall
|
|
|
|
|
| Symantec Enterprise Firewall
|
|
|
|
|
| Security Cameras
|
|
|
Windows events
|
W3C Logs
|
Syslog messages
|
SNMP Traps
|
| AKCP security probe
|
|
|
|
|
| Assus mimic
|
|
|
|
|
| Sensors
|
|
|
Windows events
|
W3C Logs
|
Syslog messages
|
SNMP Traps
|
| Fan sensors - AKCP security probe
|
|
|
|
|
| Humidity sensors - AKCP sensorProbe
|
|
|
|
|
| Motion sensors - AKCP security probe
|
|
|
|
|
| Pressure sensors - AKCP sensorProbe
|
|
|
|
|
| Temperature sensors - AKCP sensorProbe
|
|
|
|
|
| Voltage sensors - AKCP sensorprobe DC
|
|
|
|
|
| Virus Scanning Engines
|
|
|
Windows events
|
W3C Logs
|
Syslog messages
|
SNMP Traps
|
| AMaViS
|
|
|
|
|
| ClamAV
|
|
|
|
|
| Grisoft AVG
|
|
|
|
|
| Kaspersky ScanEngine
|
|
|
|
|
| McAfee
|
|
|
|
|
| McAfee Total Protection for Enterprise
|
|
|
|
|
| Sophos
|
|
|
|
|
| SpamAssassin
|
|
|
|
|
| Symantec Antivirus Corporate Edition
|
|
|
|
|
| Symantec ScanEngine
|
|
|
|
|
| TrendMicro Office Scan
|
|
|
|
|
| TrendMicro InterScan Web Security
|
|
|
|
|
| TrendMicro VirusWall
|
|
|
|
|
| TrendMicro InterScan Messaging Security
|
|
|
|
|
| VPN
|
|
|
Windows events
|
W3C Logs
|
Syslog messages
|
SNMP Traps
|
| Alcatel Secure SVPN Gateway 7137
|
|
|
|
|
| Check Point VPN-1
|
|
|
|
|
| Cisco VPN 3* Concentrators series
|
|
|
|
|
| Juniper Networks SSL VPN Appliances
|
|
|
|
|
| Web Security
|
|
|
Windows events
|
W3C Logs
|
Syslog messages
|
SNMP Traps
|
| Websense Enterprise
|
|
|
|
|
| Web Servers
|
|
|
Windows events
|
W3C Logs
|
Syslog messages
|
SNMP Traps
|
| Apache
|
|
|
|
|
| Zeus
|
|
|
|
|
| Microsoft IIS
|
|
|
|
|
| Sun Java System Web Server
|
|
|
|
|
| Sun One Web Server
|
|
|
|
|
| Netscape Fasttrack Commerce>Enterprise
|
|
|
|
|
| NCSA
|
|
|
|
|
| WLAN Security
|
|
|
Windows events
|
W3C Logs
|
Syslog messages
|
SNMP Traps
|
| AirDefense Guard
|
|
|
|
|
| Axial AirMagnet Enterprise
|
|
|
|
|
| Cisco Aironet 1200 Series
|
|
|
|
|
| Legend
|
|
Rules are present for the device
|
|
MIB embedded in GFI EventsManager 8
|
|
Rules can be created for the device / MIB can be imported to GFI EventsManager
|