LogSentinel SIEM On-Premise Integrations

On-premise integrations are achieved by the LogSentinel Collector or via third-party tools.

Logs from any on-premise system can be collected. This is done through flexible collection of:

  • Text files - you can consume any text-based log, either locally, or remotely, via SSH or a shared folder
  • Syslog - the collector can receive, enrich and forward syslog messages (regardless of the format)
  • Windows logs - Windows logs can be consumed via WMI calls or with a PowerShell wrapper, both locally and remotely
  • Database audit logs - RDBMS support native audit logs (out-of-the-box or using plugins). The collector can handle the most widely used databases
  • Database tables - often applications write their audit logs to database tables; you can configure the LogSentinel collector to parse any table structure

For more details, see the LogSentinel Collector overview.