Comodo Help
Find the desired product help
SOCaaP

SOCaaP

Version 2.2

English

Print Help
SOCaaP XDR > Appendix 2 –SOCaaP Supported Logs
  • Introduction
    • Logging-in To The SOCaaP Console
  • Dashboard Overview
    • Summary
    • Alerts,Incidents And Website Vulnerabilities
    • Customer Health
  • SOCaaP Alerts/Escalations
    • Log-in To The Admin Console
    • The Home Screen
    • Service Summary
    • Incidents Overview
      • Incidents
      • Threat Summary
    • Log Collection Summary
    • Threat Communication Graph
    • Tickets
    • Reports
    • Notification Settings
    • Integrate Your Office 365 Account With SOCaaP
  • SOCaaP XDR
    • Log-in To The Admin Console
    • The Main Interface
    • Eveny Query
      • Configure Event Queries
    • Report Generation
    • Administration
      • Event Collection
      • Phantom Settings
      • Manage Users
    • Appendix 1 – Field Groups And Event Items Description
    • Appendix 2 –SOCaaP Supported Logs
  • SOCaaP Web Protection
    • Add Websites
    • The Main Interface
    • The Dashboard
    • Website Data And Settings
      • Website Overview
      • Security Scans
        • Website Scans
        • Website Files Security Scans
          • Malware Scan Settings
            • Automatic Configuration
            • Manual Configuration
          • Run A Scan And View Results
          • Notifications, Malware Removal And Scheduled Scans
        • Vulnerability Scans
          • CMS Vulnerability Scans
          • OWASP Top 10 Vulnerability Scans
      • Content Delivery Network
        • Activate CDN For A Website
        • CDN Settings
        • View CDN Metrics
      • Firewall
        • WAF Statistics
        • WAF Events
        • Configure WAF Policies
        • Manage Custom Firewall Rules
      • SSL Configuration
      • DNS Configuration
      • Add Trust Seal To Your Websites
      • Back Up Your Website
        • Backup Settings
        • On-Demand Backup
        • View Backup Records And File Statistics
        • Restore And Download Website Files
        • Delete Backups
    • Manage Your Profile
  • Sensor Installation
    • Requirements
    • (Option 1) Create Installation Media
    • (Option 2) Deploy Virtual Machine Environment
      • Create A New Virtual Machine
      • Configure Memory Size
      • Configure Hard Disk
      • Configure Hard Disk File Type
      • Configure Storage On Physical Hard Disk
      • Configure Size Of Virtual Hard Disk
      • Configure Network Settings
      • Select VM Startup Disk
    • Sensor Installation Steps
    • Sensor Configuration Steps
      • Login To The Web Portal
      • User Settings
      • Configure Network
      • Configure Timezone
      • Key Activation
      • (Optional) Valkyrie Key Verdict
      • (Optional) Forward Log
  • Frequently Asked Questions
  • About Xcitium Security Solutions

Appendix 2 – SOCaaP Supported Logs


The following table provides the details of logs that SOCaaP supports and fetches the data to populate Events fields according to event queries.


S.No.

Log Name

Vendor Name

Log Type

1

Mysql

Oracle

Database

2

Oracle

Oracle

Database

3

Active Directory

Unknown

Audit

4

Windows-Linux Audit

Xcitium Audit Parser

Audit

5

Xcitium UTM

Xcitium

Audit

6

Juniper

Juniper Networks

Firewall

7

IPtables

Linux

Firewall

8

Sonicwall

SonicWALL

Firewall

9

Cisco-fw

CISCO

Firewall

10

Squid

Squid

Proxy

11

Apache

Apache

Application

12

Xcitium Endpoint Security

 Xcitium

Content Security

13

MyDLP

 Xcitium

Data Protection

14

Snort

CISCO

Intrusion Detection

15

Tipping Point

HP

Intrusion Detection

16

Web Inspector

 Xcitium

Malware

17

VPN

Open VPN

Access

18

DHCP

Linux

Access

19

Fortigate

Fortinet

Firewall

20

Xcitium DPI

 Xcitium

Access

21

Xcitium DPI Bro

Xcitium

Access

22

Snmp Trap Logs

Snmp

Audit

23

Fortigate 5.0

Fortinet

Firewall

24

Sophos Ulogd

Sophos

Firewall

25

Bro_HTTP

BRO

Access

26

Bro_FTP

BRO

Access

27

Bro_Weird

BRO

Network Monitoring

28

Bro_Files

BRO

Access

29

Bro_Conn

BRO

Firewall

30

Bro_Dpd

BRO

Access

31

Bro_Smtp

BRO

Access

32

Bro_Dns

BRO

Access

33

Windows Audit

Windows

Audit

34

Alarms

Xcitium Alarm Producer

Audit

35

Cef

Common Event Format

Access

36

Bro_Ssl

BRO

Network Monitoring

37

Bro_Irc

BRO

Network Monitoring

38

Bro_Dhcp

BRO

Network Monitoring

39

Suricata

OISF

Intrusion Detection

40

NxIDS

Xcitium

Intrusion Detection

41

NxSensor_HTTP

Xcitium

Access

42

NxSensor_FTP

Xcitium

Access

43

NxSensor_Files

Xcitium

Access

44

NxSensor_Conn

Xcitium

Firewall

45

NxSensor_Dpd

Xcitium

Access

46

NxSensor_Smtp

 Xcitium

Access

47

NxSensor_Dns

 Xcitium

Access

48

NxSensor_Ssl

 Xcitium

Network Monitoring

49

NxSensor_Irc

 Xcitium

Network Monitoring

50

NxSensor_Dhcp

 Xcitium

Network Monitoring

51

NxSensor_Weird

Xcitium

Network Monitoring

52

analyser

 Xcitium

Audit

53

dome-eapi

 Xcitium

Audit

54

dome-vs

Xcitium

Audit

55

linux

 Xcitium

Audit

56

JUNOS SYS

Juniper

Firewall

57

Xcitium-rdns

 Xcitium

Network Monitoring

58

dome-cni

 Xcitium

Audit

59

Bro_Tunnel

BRO

Network Monitoring

60

Bro_Software

BRO

Network Monitoring

61

Bro_Pe

BRO

Network Monitoring

62

Bro_SSH

BRO

Network Monitoring

63

Bro_MySQL

BRO

Network Monitoring

64

Bro_Notice

BRO

Network Monitoring

65

Bro_Fls

BRO

Network Monitoring

66

NxSensor_Tunnel

 Xcitium

Network Monitoring

67

NxSensor_Software

 Xcitium

Network Monitoring

68

NxSensor_Pe

Xcitium

Network Monitoring

69

NxSensor_SSH

 Xcitium

Network Monitoring

70

NxSensor_MySQL

 Xcitium

Network Monitoring

71

NxSensor_Notice

 Xcitium

Network Monitoring

72

NxSensor_Fls

 Xcitium

Network Monitoring

73

modsecurity

 Xcitium

ModSecurity Audit

74

Bro_Syslog

 Xcitium

Network Monitoring

75

NxSensor_Syslog

 Xcitium

Network Monitoring

76

cpanelaccess

CPanel Inc

Audit

77

cpanellogin

CPanel Inc

Audit

78

Panos

Palo Alto Inc.

Firewall

79

MySQL_Slow_Queries

Oracle

Database

80

Apache-Error

Apache

Application

81

MySQL_Error

Oracle

Database

82

NxSensor_Fvs

 Xcitium

File Monitoring

83

SOCaaP Endpoint

 Xcitium

Application

84

modsecurity-java

 Xcitium

Audit

85

Internal Events

Xcitium Internal Event Producer

Audit

86

DbCollector

Xcitium Db Collector

Audit



Our Products
  • Free Antivirus
  • Free Internet Security
  • Website Malware Removal
  • Free Anti-Malware
  • Anti-Spam (Free Trial)
  • Windows Antivirus
  • Antivirus for Windows 7
  • Antivirus for Windows 8
  • Antivirus for Windows 10
  • Antivirus for MAC
  • Antivirus for Linux
  • Free Endpoint Security
  • Free ModSecurity
  • Free RMM
  • Free Website Malware Scanner
  • Free Device Manager for Android
  • Free Demo
  • Network Security
  • Endpoint Protection
  • Antivirus for Android
  • Comodo Antivirus
  • Wordpress Security
Cheap CDN
  • Bootstrap CDN
  • Semantic UI CDN
  • Jquery CDN
  • CDN Plans
  • CDN
  • Free CDN
Enterprise
  • Patch Management Software
  • Patch Manager
  • Service Desk
  • Website Down
  • Endpoint Protection Solutions
  • Website Security Check
  • Remote Monitoring and Management
  • Website Security
  • Device Manager
  • ITSM
  • CRM
  • MSP
  • Android Device Manager
  • MDR Services
  • Ransomware Prevention
  • Managed IT Support Services
  • Free EDR
Free SSL Certificate
Support Partners Terms and Conditions Privacy Policy

© Comodo Group, Inc. 2023. All rights reserved.