LogSentinel SIEM On-Premise Integrations¶

On-premise integrations are achieved by the LogSentinel Collector or via other tools.

Logs from any on-premise system can collected. This is done by supporting flexible collection of:

Text files - you can consume any text-based log, either locally, or remotely, via SSH or a shared folder
Syslog - the collector can receive, enrich and forward syslog messages (regardless of the format)
Windows logs - Windows logs can be consumed via WMI calls or with a PowerShell wrapper, both locally and remotely
Database audit logs - RDBMS support native audit logs (out-of-the-box or using plugins). The collector can handle the most widely used databases
Database tables - often applications write their audit logs to database tables; you can configure the LogSentinel collector to parse any table structure