All SmartConnectors

The following table lists the applications and their versions certified by:

Note: The device versions currently documented here are versions that have been tested by ArcSight Quality Assurance. These are generally referred to as certified versions. For device releases that fall in between certified major versions, it has been our experience that vendors typically do not make significant changes to the event generation mechanism. Oftentimes, there are few, if any, significant changes even between major versions to the event logs. Therefore, we consider minor releases to be supported and major versions may be supported depending on the types of changes made to the latest version. Where possible, minor adjustments can be accommodated by parser overrides as needed. For example, Extreme Networks Dragon Export Tool versions 7.4 and 8.0 have been certified; Dragon Export Tool version 7.5 is also supported.

Air Magnet

SmartConnector For Supported Devices/Applications Certified Version PDF Download Last Updated On

AirMagnet Enterprise Syslog 1

AirMagnet 5.2.0, 8.0.0, and 9.0.0 PDF February 2022

Amazon

SmartConnector For Supported Devices/Applications/Log Sources Certified Version PDF Download Last Updated On
Amazon CloudWatch EC2 instance with Amazon Linux 2   PDF February 2022
Amazon S3 Supported log sources   PDF February 2022
AWS CloudTrail

  • Cloud Formation

  • Guard Duty

  • Security Hub

  • Lambda Trusted Advisor Inspector

  • WAF & WAF Regional

   PDF February 2022
AWS Security HubUpdated!

  • GuardDuty

  • Inspector

  • IAM

  • Macie Services

   PDF July 2022

Apache

SmartConnector For Supported Devices/Applications/Log Sources Certified Version PDF Download Last Updated On
Apache HTTP Server Access Multiple File1 Apache HTTP Server 1.3.0 and 2.4.0 PDF February 2022
Apache HTTP Server Error File1 Apache HTTP Server 1.3.0 and 2.4.0 PDF February 2022
Apache HTTP Server Syslog1 Apache HTTP Server 1.3.0 and 2.4.0 PDF February 2022
Apache Tomcat File1 Apache Tomcat 7.0.0 PDF February 2022

App Security

SmartConnector For Supported Devices/Applications/Log Sources Certified Version PDF Download Last Updated On
App Security AppDetective DB AppDetective 5.1.0 PDF February 2022

Barracuda

SmartConnector For Supported Devices/Applications/Log Sources Certified Version PDF Download Last Updated On
Barracuda Email Security Gateway Syslog1 Barracuda Email Security Gateway 7.0.0 and 8.0.0 PDF February 2022
Barracuda Firewall NG F-Series Syslog1 Barracuda Firewall NG 7.0.0 PDF February 2022
Barracuda Web Appliance Firewall Syslog1 Barracuda Web Appliance Firewall 4.2.0, 5.0.0, and 5.5.0 PDF February 2022

Bind

SmartConnector For Supported Devices/Applications/Log Sources Certified Version PDF Download Last Updated On
ISC Bind Syslog ISC BIND 9.9.0 PDF February 2022

Blue Coat

SmartConnector For Supported Devices/Applications/Log Sources Certified Version PDF Download Last Updated On
Blue Coat Proxy SG Multiple Server File Blue Coat Proxy SG Series 6.3.0, 6.5.0, and 6.6.0 PDF February 2022
Blue Coat Proxy SG Syslog1 Blue Coat Proxy OS 6.3.0, 6.4.0, 6.5.0, 6.6.0, 6.7.0 and 7.0.0 PDF February 2022

Box

SmartConnector For Supported Devices/Applications/Log Sources Certified Version PDF Download Last Updated On
Box Box   PDF February 2022

BroadWeb

SmartConnector For Supported Devices/Applications/Log Sources Certified Version PDF Download Last Updated On
BroadWeb NetKeeper Syslog1 BroadWeb NetKeeper NK3000 3.6.0, NIK4000 1.0.0, NK5000 1.1.0, NK6000 1.0.0, and NK Eulen 2.0.0 PDF February 2022

Broadcam (Formerly Brocade)

SmartConnector For Supported Devices/Applications/Log Sources Certified Version PDF Download Last Updated On
Brocade BigIron Syslog1 IronWare 7.6.0 PDF February 2022

CA

SmartConnector For Supported Devices/Applications/Log Sources Certified Version PDF Download Last Updated On
CA SiteMinder Single Sign-On File CA Single Sign-on 12.0.0 and 12.5.0 PDF February 2022
CA Top Secret for z/OS File1 CA Top Secret Security for z/OS 9.0.0, 12.0.0, and 15.0.0 PDF February 2022

Check Point

SmartConnector For Supported Devices/Applications/Log Sources Certified Version PDF Download Last Updated On
Check Point OPSEC NG Check Point Security Gateway R77 PDF February 2022
Check Point Syslog Updated! Check Point with Gaia Operating System R77.30, R80.10, R80.20, R80.30, R80.40, and R81 PDF July 2022

Cisco

SmartConnector For Supported Devices/Applications/Log Sources Certified Version PDF Download Last Updated On
Cisco ASA Syslog1 Cisco ASA 8.2.0, 8.3.0, 8.4.0, 8.5.0, 8.6.0, 9.0.0, 9.1.0, 9.2.0, 9.3.0, 9.5.0, and 9.6.0 PDF February 2022
Cisco Catalyst OS Syslog1 Cisco Catalyst Switch devices using CatOS 5.0.0 and 8.0.0 PDF February 2022
Cisco IOS Syslog1 Cisco IOS 2600 series and later IOS 12.4.0, 15.0.0, 15.1.0, 15.2.0, 15.3.0, 15.4.0, 15.5.0, and 15.6.0. PDF February 2022
Cisco IronPort Email Security Appliance File Cisco IronPort Email Security AsyncOS 8.0.0, 8.5.0, 9.6.0, 9.7.0, 10.0.0, and 11.1.0 PDF May 2022
Cisco IronPort Email Security Appliance Syslog1 Cisco IronPort Email Security AsyncOS 8.0.0, 8.5.0, 9.6.0, 9.7.0, 10.0.0, and 11.1.0 PDF February 2022
Cisco IronPort Web Security Appliance File1 Cisco IronPort Web Security AsyncOS

8.0.0, 8.5.0, and 10.0.0 for Cisco Web Security Appliance

8.5.0 and 10.0.0 for Apache and Squid formats

 PDF February 2022
Cisco IronPort Web Security Appliance Syslog1 Cisco IronPort Web Security AsyncOS 9.0.0 PDF February 2022
Cisco ISE Syslog1 Cisco ISE 1.2.0, 1.3.0, and 2.2.0 PDF February 2022
Cisco Meraki Syslog1 Cisco Meraki MR52 PDF February 2022
Cisco Mobility Services Engine Syslog1 Cisco Mobility Service Engine 5.1.0 PDF February 2022
Cisco NX-OS Syslog1 Cisco NX-OS 4.2.0, 5.0.0, 5.2.0, 6.2.0, and 7.3.0 PDF February 2022
Cisco Secure ACS Syslog1 Cisco Secure ACS 5.3.0, 5.4.0, 5.6.0, and 5.7.0 PDF February 2022
Cisco Secure IPS SDEE Cisco IOS IPS Sensor 7.2.0 and 7.3.0 PDF February 2022
Cisco Sourcefire Defense Center eStreamer

Sourcefire eStreamer for:

  • Collection of Intrusion, RNA, and Policy Violation events

  • Collection of Malware and file

Following versions are supported:

  • 4.9.0, 4.9.1, 4.10.0, 4.10.1, 5.0.2, 5.1.0, 5.1.1, 5.2.0, 5.3.0, 5.3.1, and 5.4.0

  • 5.1.1 through 5.4.0

 PDF February 2022
Cisco Wireless LAN Controller Syslog

  • Cisco Wireless LAN Controller

  • AireSpace WLAN controller logs

 7.1.0, 7.6.0, 8.2.0, 8.3.0, and 8.3.1 PDF May 2022

Citrix

SmartConnector For Supported Devices/Applications/Log Sources Certified Version PDF Download Last Updated On
Citrix NetScaler Syslog Citrix NetScaler 10.0.0, 10.1.0, 10.5.0, and 11.0.0 PDF May 2022

Dell

SmartConnector For Supported Devices/Applications/Log Sources Certified Version PDF Download Last Updated On
Dell ChangeAuditor DB Dell ChangeAuditorfor Active Directory 6.7.0 PDF February 2022
Dell EMC Isilon/PowerScale Unity and VNXe Storage PowerScale OneFS 8.1.0.4 and 9.1.0.0 PDF February 2022
Dell InTrust for Windows DB Dell InTrust for Windows 10.7.0 PDF February 2022
Dell SonicWALL Firewall Syslog1 Dell Sonic OS 5.8.0 and 6.2.0 PDF February 2022

DHCPD

SmartConnector For Supported Devices/Applications/Log Sources Certified Version PDF Download Last Updated On
ISC DHCP Syslog ISC DHCP 3.0.0 PDF February 2022

eEye Retina

SmartConnector For Supported Devices/Applications/Log Sources Certified Version PDF Download Last Updated On

eEye Retina Network Security Scanner DB

(DSN-Based)

 eEye Retina Network Security Scanner 5.2.0 and 5.8.0 PDF February 2022

eEye Retina Network Security Scanner DB

(RTD File)

eEye Retina Network Security Scanner 5.0.0 PDF February 2022

eSecurity Planet

SmartConnector For Supported Devices/Applications/Log Sources Certified Version PDF Download Last Updated On
Gemalto SafeNet ProtectDB File Gemalto SafeNet ProtectDB 5.1.0, 5.2.0, and 6.0.0 PDF February 2022

F5

SmartConnector For Supported Devices/Applications/Log Sources Certified Version PDF Download Last Updated On
F5 BIG-IP Syslog1

F5 Traffic Management Operations System (TMOS)

10.2.0, 11.0.0, 11.4.0., 11.6.0, 12.0.0, and 12.1.0

 PDF February 2022
Access Policy Module (APM) 11.3.0

Fortinet

SmartConnector For Supported Devices/Applications/Log Sources Certified Version PDF Download Last Updated On
Fortinet Fortigate Syslog1 FortiOS 5.0.0 and 5.2.0 PDF February 2022

F-Secure

SmartConnector For Supported Devices/Applications/Log Sources Certified Version PDF Download Last Updated On
F-Secure Anti-Virus File

F-Secure Client Security

5.55.0

 PDF February 2022
Policy Manager Policy Manager 5.50.0 are supported.

Google

SmartConnector For Supported Devices/Applications/Log Sources Certified Version PDF Download Last Updated On
Google Cloud Platform     PDF February 2022

HPE

SmartConnector For Supported Devices/Applications/Log Sources Certified Version PDF Download Last Updated On
HP Printers Syslog 1 HP Color LaserJet Enterprise M651, MFP M680 , CP5520 Series, and CP5525 PDF February 2022
HP Color LaserJet Enterprise Flow MFP M575, MFP M680, and MFP M880
HP Color LaserJet M750, M855, and CM4540 MFP
HP LaserJet M4555 MFP, 500 COLOR M551, 500 COLOR MFPM575, 500 MFP M525, 600 M601, 600 M602, 600 M603, MFP M630, 700 COLOR MFPM775, 700 M712, 700 MFPM725, MFPM725, and M806
HP LaserJet Enterprise Flow MFP M525, MFP M630, and MFP M830
HP OfficeJet Enterprise Color MFP X585
HP OfficeJet Enterprise Color Flow MFP X585
HP Digital Sender Flow 8500 fn1 Document Capture Workstation
HP Scanjet Enterprise 8500 fn1 and 8500 fn1 Document Capture Workstation
HPE Aruba Mobility Controller Syslog1 ArubaOS 6.3.0 and 6.4.0 PDF February 2022
HPE c7000 Virtual Connect Module Syslog1 HPE Virtual Connect Manager 4.10.0 PDF February 2022
HPE H3C Syslog1 HPE H3C version Comware Platform V5 PDF February 2022
HPE Integrated Lights-Out Syslog HPE Integrated Lights-Out for ProLiant Gen8, Gen9 and Gen10 4.0.0 and 5.0.0 PDF February 2022
HPE IPC DB HPE IPC 5.1.0 PDF February 2022
HPE OM i Web Services HPE Operations Manager i 9.01.0 and 10.0.0 PDF February 2022
HPE OM Incident Web Service HPE Operations Manager for Windows 9.0.0 and 8.16.90 PDF February 2022
Operations Manager for Unix 9.10.0 and 9.10.230
Operations Manager for Linux 9.10.0 and 9.10.230
HPE OpenVMS File HPE OpenVMS 7.3.0, 8.3.0, and 8.4.0 PDF February 2022
HPE ProCurve Syslog1 HPE ProCurve K.15.X PDF February 2022
HPE UX Audit File HPE-UX Binary Audit 11i v1, v2, and v3 PDF February 2022
HPE UX Syslog1 HPE-UX 11i v3 i PDF February 2022

IBM

SmartConnector For Supported Devices/Applications/Log Sources Certified Version PDF Download Last Updated On
IBM AIX Audit Syslog1 IBM AIX 7.1.0 and 7.2.0 PDF February 2022
IBM BixFix REST API IBM BixFix 9.5.4 PDF February 2022
IBM DB2 Multiple Instance UDB Audit File DB2 Multiple Instance UDB 9.7, 10.1, and 10.5 PDF February 2022
IBM eServer iSeries Audit Journal File1 IBM eServer iSeries V5R2, V5R3, V5R4, and V6R1 Type 1 and Type 5 PDF February 2022
IBM Lotus Domino Web Server File1 IBM Lotus Domino Web Server 6.5.0 PDF February 2022
IBM NVAS for z/OS File IBM NVAS 2.1.0 PDF February 2022
IBM NVAS Session for z/OS File IBM NVAS 2.1.0 PDF February 2022
IBM RACF for z/OS File1 IBM RACF RACF for z/OS and OS/390 PDF February 2022
IBM SDSF for z/OS File IBM SDSF SDSF for z/OS and OS/390 PDF February 2022
IBM Security Access Manager Syslog1 IBM Security Access Manager (ISAM) 8.0.0 and 9.0.0 PDF February 2022
IBM SiteProtector DB IBM SiteProtector 3.1.0 PDF February 2022
IBM System Log for z/OS File IBM System Log for z/OS and OS/390 System Log for z/OS and OS/390 PDF February 2022
IBM WebSphere File IBM WebSphere 7.0.0 and 8.5.0 PDF February 2022

Infoblox

SmartConnector For Supported Devices/Applications/Log Sources Certified Version PDF Download Last Updated On
Infoblox NIOS SyslogUpdated! Infoblox NIOS 5.1.0, 6.7.0, 6.8.0, 6.11.0, 7.2.0, and 7.6.0 PDF July 2022

Ingrian

SmartConnector For Supported Devices/Applications/Log Sources Certified Version PDF Download Last Updated On
Ingrian DataSecure Syslog1 Ingrian DataSecure Device versions with i222 and i321 with software versions 4.0.0 and 4.1.0 PDF February 2022

IP Flow

SmartConnector For Supported Devices/Applications/Log Sources Certified Version PDF Download Last Updated On
IP Flow Information Export (IPFIX) IPFIX 10.0.0 PDF February 2022
IP Flow (Netflow/J-Flow) Cisco NetFlow 9.0.0 PDF February 2022
Flexible NetFlow from IOS 15.0.0
Cisco ASA 8.2.0 and 8.5.0
Juniper J-Flow 9.0.0

Ivanti (Formerly Lumension)

SmartConnector For Supported Devices/Applications/Log Sources Certified Version PDF Download Last Updated On
Lumension PatchLink Scanner DB Lumension PatchLink Scanner 6.4.0 PDF February 2022

Juniper

SmartConnector For Supported Devices/Applications/Log Sources Certified Version PDF Download Last Updated On
Juniper Arbor Networks Peakflow Syslog1 Arbor Networks Peakflow SP 5.0.0, 5.5.0, 5.6.0, 5.7.0, 6.0.0, and 7.5.0 PDF February 2022
Juniper Extreme Networks Dragon Export Tool File1 Extreme Networks Dragon versions 7.0.0, 7.3.0, 7.4.0, 8.0.0, and 8.2.0 PDF February 2022
Juniper Extreme Networks Dragon IDS File1 Extreme Networks Dragon IDS File 6.0.0, and 7.3.0 PDF February 2022

Juniper Firewall ScreenOS Syslog 1

ScreenOS 6.3.0 PDF February 2022
Juniper IDP Series Syslog1 IDP 5.1.0 PDF February 2022
Juniper JUNOS Syslog1 JUNOS 12.1, 12.3, 13.1, 13.2, 14.1, and 14.2 PDF February 2022
Juniper Network and Security Management Syslog1 NSM 2012.2 PDF February 2022
Juniper Steel-Belted Radius File Steel-Belted Radius Global Enterprise Edition 5.03.0, 5.30.0, 5.40.0, and 6.0.0 PDF February 2022

Kaspersky

SmartConnector For Supported Devices/Applications/Log Sources Certified Version PDF Download Last Updated On
Kaspersky DB Anti-Virus, Administration Kit, and Endpoint Security 6.0.0 and 8.0.0 PDF February 2022

Linux

SmartConnector For Supported Devices/Applications/Log Sources Certified Version PDF Download Last Updated On
Linux Audit File1 Red Hat Enterprise Linux Server 6.4.0, 6.5.0, 6.7.0, 7.1.0, 7.2.0, 7.4.0, 7.5.0, 7.6.0, 8.1.0, 8.2.0, 8.3.0, and 8.4.0 PDF February 2022
Linux Audit Syslog1 Red Hat Enterprise Linux Server 6.4.0, 6.5.0, 6.7.0, 7.1.0, 7.2.0, 7.4.0, 7.5.0, 7.6.0, 8.1.0, 8.2.0, 8.3.0, and 8.4.0 PDF February 2022

McAfee

SmartConnector For Supported Devices/Applications/Log Sources Certified Version PDF Download Last Updated On
McAfee Email Gateway Syslog1 Email Gateway Security 4.5.0, 5.0.0, 6.1.0, 6.5.0, and 6.7.0 PDF February 2022
McAfee ePolicy Orchestrator DB Microsoft SQL Server 2008, 2012, 2014, 2016, and 2017 PDF February 2022
McAfee Firewall Enterprise Syslog1 Firewall Enterprise Appliance Software 8.3.0 PDF February 2022
McAfee Network Security Manager DB (ID-based) Network Security Manager DB 7.5.0, 8.0.0, 8.1.0, 8.2.0, 8.3.0, and 9.1.0 PDF February 2022
McAfee Network Security Manager DB (Time-based) Network Security Manager 7.5.0, 8.0.0, 8.1.0, 8.2.0, 8.3.0, and 9.1.0 PDF February 2022

McAfee Network Security Manager Syslog1

Network Security Manager 8.1.0, 8.3.0, and 9.1.0

PDF

February 2022
McAfee Vulnerability Manager DB Vulnerability Manager 7.5.0 PDF February 2022
McAfee Web Gateway File1 Web Gateway 6.8.0, 7.2.0, and 7.4.0 PDF February 2022
McAfee Web Gateway Syslog1 Web Gateway 7.6.0 PDF February 2022

Micro Focus

SmartConnector For Supported Devices/Applications/Log Sources Certified Version PDF Download Last Updated On
ArcSight Asset Import File N/A N/A PDF February 2022
ArcSight CEF Cisco FireSIGHT Syslog FireSIGHT 5.4.0 and 6.0.0 PDF February 2022

ArcSight CEF Encrypted Syslog (UDP)

All CEF supported devices N/A

PDF

February 2022
ArcSight CEF Folder Follower Scanner All CEF supported devices N/A PDF February 2022
ArcSight Common Event Format File All CEF supported devices N/A PDF February 2022
ArcSight Common Event Format Hadoop Hadoop DFS 2.5.1 PDF February 2022
ArcSight Common Event Format Multiple File All CEF supported devices N/A PDF February 2022
ArcSight Common Event Format REST All CEF supported devices N/A PDF February 2022
ArcSight Common Event Format Syslog All CEF supported devices N/A PDF February 2022
ArcSight Logger Streaming Connector N/A N/A PDF February 2022
ArcSight CyberRes Galaxy Threat Acceleration Program SmartConnectorNew! N/A N/A PDF February 2022
Raw Syslog Daemon1 N/A N/A PDF February 2022
Syslog NG Daemon1 Syslog NG 3.0.0 and 3.3.0 PDF February 2022

Microsoft

SmartConnector For Supported Devices/Applications/Log Sources Certified Version PDF Download Last Updated On
Microsoft 365 Defender     PDF May 2022
Microsoft Audit Collection System DB Microsoft Audit Collection Services with Operations Manager 2007, 2007 R2, 2012, and 2012 R2 PDF February 2022
Microsoft Azure Monitor Event Hub     PDF February 2022
Microsoft DHCP File Windows Server 2008, 2012 R2, 2016, and 2019 PDF February 2022
Microsoft DNS DGA Trace Log Multiple Server File Microsoft's Domain Name Service (DNS) Microsoft Windows 2008, Microsoft Windows 2012, Microsoft Windows 2012 R2, Microsoft Windows 2016, and Microsoft Windows 2019 PDF February 2022
Microsoft DNS Trace Log Multiple Server File1     PDF February 2022
Microsoft Exchange Message Tracking Log Multiple Server File1 Microsoft Exchange Servers 2007, 2010, 2013, 2013 SP1, and 2016 PDF February 2022

Microsoft Exchange PowerShell

Microsoft Exchange Server 2010 SP2, 2013, and 2016 Mailbox Audit and Admin Audit logs PDF February 2022
Microsoft Forefront DB Forefront Unified Access Gateway 2010 Forefront 4.0.0 PDF February 2022
Microsoft Forefront PSM Console DB Forefront Protection Server Management Console 1.1.0 with Forefront Protection Server 2010 PDF February 2022

Microsoft Forefront Threat Management Gateway File

Gateway Server 7.0.0, 7.5.0, 8.0.0, 8.5.0, and 10.0.0 PDF February 2022

Microsoft IIS File

Microsoft Internet Information Server (IIS) 7.0.0, 7.5.0, 8.0.0, 8.5.0, and 10.0.0 PDF February 2022
Microsoft IIS Multiple Server File1 Microsoft IIS Server 7.0.0, 7.5.0, 8.0.0, 8.5.0, and 10.0.0 PDF February 2022
Microsoft IIS Multiple Site File Microsoft IIS Server 7.0.0, 7.5.0, 8.0.0, 8.5.0, and 10.0.0 PDF February 2022

Microsoft IIS Syslog1

Microsoft IIS Server 8.0.0, 8.5.0, and 10.0.0 with Datagram v3.3 a PDF February 2022
Microsoft Network Policy Server File Windows Server 2008 PDF February 2022
Microsoft Office 365 Management ActivityUpdated! Event collection Microsoft SharePoint Online, Exchange Online, Azure Active Directory (AD), and OneDrive PDF July 2022
Microsoft SharePoint Server DB SharePoint Server 2010, 2013 and 2016 PDF February 2022

Microsoft SQL Server Multiple Instance Audit DB

Microsoft SQL Server 2005, 2008, 2008 R2, 2008 SP3, 2012, and 2014 PDF February 2022
Microsoft System Center Configuration Manager DB Microsoft SQL Server 2012 and 2012 R2 for antimalware events collected by Endpoint Protection PDF February 2022
Microsoft System Center Operations Manager DB Microsoft SQL Server 2005, 2007, 2008, 2012 with Operations Manager 2005, 2007 2007 R2, 2012, 2012 R2, and Forefront Client Security 1.1 SP1 PDF February 2022

Microsoft Windows Event Log - NativeUpdated!

Windows Server

  • 2008, 2008 R2, 2012, 2012 R2, 2016, 2019, and 2022

  • Supported Native Applications, System Events, and Modules:

    • Microsoft Windows Powershell

    • Microsoft-Windows-PowerShell/Operational

    • Exchange Server 2007 and 2007 SP3 for Windows Server 2008, 2008 R2, and 2012

    • Microsoft Active Directory Windows 2008 NTDS, NTDS DB, ISAM, KCC, LDAP, Replication Windows 2012/Windows 8 NTDS LDAP

    • Microsoft Antimalware

    • Microsoft Exchange Audit Exchange Server 2007 and 2007 SP3 for Windows Server 2008, 2008 R2, and 2012

    • Microsoft Forefront Protection 2010 Windows Server 2008, 2008 R2, 2012 Standard with Exchange 2010.

    • Microsoft Local Administrator Password Solution (LAPS)

    • Microsoft Sysmon Logs

    • Microsoft Network Policy Server Windows 8, Windows Server 2008 R2, 2012, and 2016

    • Microsoft Remote Access Windows 8, 10, Server 2008 R2, 2012, 2012 R2, and 2016

    • Microsoft Service Control Manager Windows 8, 10, Server 2012, 2016

    • Microsoft SQL Server Audit Windows Server 2008, 2008 R2 with SQL Server 2008, 2012; Windows Server 2012 with SQL Server 2012 SP1, 2014, and 2016

    • Microsoft WINS Server Microsoft Windows 8; Windows Server 2012 and 2016

    • Oracle Audit Oracle database versions 10g, 11g, and 12cR1 with Microsoft Windows Server 2012

    • Symantec Mail Security for Exchange 6.5.0, 7.0.0, and 7.5.0 on Windows 2008 R2 and 2012 R2

    • Microsoft-Windows-Security-Auditing, Service Control, and NPS on Windows Server 2022

 PDF July 2022
Microsoft Windows Event Log Native Security Event Mappings N/A N/A PDF February 2022

MS Windows Event Log – Native SmartConnector (WiSC)

(Can be installed on Linux-based OS)

 

  • CentOS 6.9 and 7.4

  • RHEL 6.9 and 7.4

  • Management Center 2.80

  • Management Center 2.81
 PDF February 2022

NetApp

SmartConnector For Supported Devices/Applications/Log Sources Certified Version PDF Download Last Updated On
NetApp Filer Event Log1 NetApp Filer 7.3.0 PDF February 2022
NetApp Filer Syslog Data ONTAP 7.2.0, 7.3.0, 8.0.0, 8.1.0, 8.2.0, and 8.3.0 PDF February 2022
NetApp ONTAP XML File NetAppONTAP   PDF February 2022

NetIQ

SmartConnector For Supported Devices/Applications/Log Sources Certified Version PDF Download Last Updated On
NetIQ Security Manager DB Security Manager 5.0.0, 5.5.0, and 6.5.0 PDF February 2022

Netscout

SmartConnector For Supported Devices/Applications/Log Sources Certified Version PDF Download Last Updated On
Netscout Arbor Security Syslog     PDF February 2022

NitroSecurity

SmartConnector For Supported Devices/Applications/Log Sources Certified Version PDF Download Last Updated On
NitroSecurity Syslog1 IPS 603 PDF February 2022

NMap

SmartConnector For Supported Devices/Applications/Log Sources Certified Version PDF Download Last Updated On
NMap XML File Nmap 3.8.0 PDF February 2022

Nortel

SmartConnector For Supported Devices/Applications/Log Sources Certified Version PDF Download Last Updated On
Nortel Contivity Switch (VPN) Syslog1 Contivity Extranet Switch device V04_06.222, V5, and V7.0.5 PDF February 2022

Novell

SmartConnector For Supported Devices/Applications/Log Sources Certified Version PDF Download Last Updated On
Novell Nsure Audit DB Nsure Audit 1.0.3 PDF February 2022

Okta

SmartConnector For Supported Devices/Applications/Log Sources Certified Version PDF Download Last Updated On
Okta Okta   PDF February 2022

OpenSource

SmartConnector For Supported Devices/Applications/Log Sources Certified Version PDF Download Last Updated On
HoneyD Syslog1 HoneyD 8.0.0 PDF February 2022
IDMEF XML File Snort 1.8.0 PDF February 2022
JBoss Security Audit File1 JBoss Application 7.1.0 PDF February 2022
OVAL XML File Open Vulnerability Assessment Language (OVAL) standard   PDF February 2022
Sendmail Syslog1 Sendmail 8.1.0 PDF February 2022
sFlow Devices sFlow and TippingPoint sflow 5.0.0 and TP TOS 3.6.0 PDF February 2022
SNMP Unified Cisco WIPS, Cisco Wireless LAN Controller MIB

4.0.0, 7.0.0, 5.0.0, 9.1.0

PDF February 2022
Cisco Wireless Control System

9.2.0, 8.5.0, 7.5.0, 6.0.0, 6.2.0

Extreme Networks (formerly Enterasys) Dragon IDS

7.0.0, 8.0.0, 8.1, 8.2 and 8.3
HPE Network Node Manager i 6.1, 6.3, 7.0, 7.4.0,7.5, and 7.7
HPE ProCurve Ethernet Switch 4000M devices
IBM Lotus Domino  
McAfee Email Gateway, nCircle Scanner  
RSA Authentication Manager/Identity Management Service  
Websense Web Security Suite  
Snort Multiple File Snort 1.8.0-2.0.0, 2.1.0, 2.2.0, 2.4.0, 2.5.0, 2.6.0, 2.8.0, and 2.9.0 PDF February 2022
Snort Syslog Snort 2.8.0 and 2.9.0 PDF February 2022
Squid Web Proxy Server File1 Squid 2.6.STABLE9, 2.7.0, and 3.5.0 PDF February 2022
TCPdump Solaris and Linux of tcpdump 3.8.0, 3.9.0, and 4.1.0 PDF February 2022

Oracle

SmartConnector For Supported Devices/Applications/Log Sources Certified Version PDF Download Last Updated On
Oracle Audit DB Oracle database 8i, 9i, 10g, 11g, 11gR2, 12cR1, 12cR2, and 18c PDF February 2022
Oracle Audit Syslog1 Oracle database 11g, 11gR2, 12cR1, and 18c PDF February 2022
Oracle Audit Vault DB Oracle database 11g, 11gR2, 12cR1, and 18c PDF February 2022
Oracle Audit XML File Oracle database 11g, 11gR2, 12cR1, 12cR2, and18c PDF February 2022
Oracle Solaris Basic Security Module Solaris SPARC 10, 11, and x86 version 11 PDF February 2022
Oracle Solaris Basic Security Module Syslog1 Solaris SPARC 10 and 11 and Solaris 11 x86 PDF February 2022
Oracle SYSDBA Audit Multiple Folder DB Oracle Database 8i, 9i, 10g, 11g, 11gr2, 12cR1, 12cR2, and 18c PDF February 2022
Oracle Unified Audit Trail DB Oracle Database 8i, 9i, 10g, 11g, 11gR2, 12cR1, 12cR2, and 18c PDF February 2022
Oracle WebLogic Server File1 WebLogic Server 10.3.3, 10.3.6, and 12.0.0 PDF February 2022

Proofpoint

SmartConnector For Supported Devices/Applications/Log Sources Certified Version PDF Download Last Updated On
Proofpoint Enterprise Protect and Enterprise Privacy Syslog1 Enterprise Protection and Enterprise Privacy Syslog 5.5.0, 6.3.0, 7.0.0, 7.2.0, 8.0.0, 8.3.0,8.4.0, and 8.7.0 PDF February 2022

Pulse Secure

SmartConnector For Supported Devices/Applications/Log Sources Certified Version PDF Download Last Updated On
Pulse Secure Pulse Connect Secure Syslog Pulse Connect Secure 8.1.0, 8.2.0, 8.3 .0, and 8.3.1 PDF May 2022

PureSight

SmartConnector For Supported Devices/Applications/Log Sources Certified Version PDF Download Last Updated On
PureSight Content Filter DB PureSight Content Filter 4.6.0 PDF February 2022

Qualys

SmartConnector For Supported Devices/Applications/Log Sources Certified Version PDF Download Last Updated On
Qualys QualysGuard File QualysGuard 4.0.0, 4.7.0, 5.0.0, 6.0.0, 6.5.0, 6.19.0, 7.0.0, 7.1.0, 7.4.0, 7.7.0, 7.9.0, 7.11.0,7.12.0, and 8.13.0 PDF February 2022

Radware

SmartConnector For Supported Devices/Applications/Log Sources Certified Version PDF Download Last Updated On
Radware DefensePro Syslog1 DefensePro 3.0.0, 4.0.0, 5.0.0, and 6.0.0 PDF February 2022

Rapid7

SmartConnector For Supported Devices/Applications/Log Sources Certified Version PDF Download Last Updated On
Rapid7 NeXpose XML File NeXpose Scanner 5.5.0 through 6.3.0 (with XML 2.0), 6.4.42, and 6.5.43 (with XML 2.0) PDF February 2022

Sabernet

SmartConnector For Supported Devices/Applications/Log Sources Certified Version PDF Download Last Updated On
Sabernet NT Syslog1 NTSyslog 1.7.0 PDF February 2022

SAINT

SmartConnector For Supported Devices/Applications/Log Sources Certified Version PDF Download Last Updated On
SAINT Vulnerability Scanner SAINT Vulnerability Scanner 6.1.0 and 6.4.0 PDF February 2022

SAP

SmartConnector For Supported Devices/Applications/Log Sources Certified Version PDF Download Last Updated On
SAP Real-Time Security Audit Multiple Folder File1 SAP ERP 4.6.0c, 4.7.0, and 6.0.0 PDF February 2022
SAP Security Audit File1 SAP ERP 4.6.0c, 4.7.0, 6.0.0 and 6.17.0 PDF February 2022

SDS (Formerly Type80)

SmartConnector For Supported Devices/Applications/Log Sources Certified Version PDF Download Last Updated On
Type80 SMA_RT Syslog1 Type80 SMA_RT 2 for CA Top Secret for z/OS and IBM RACF for z/OS, and Type80 SMA_RT version 3 for CA Top Secret, IBM RACF, and CA ACF2 for z/OS PDF February 2022

SNARE

SmartConnector For Supported Devices/Applications/Log Sources Certified Version PDF Download Last Updated On
Intersect Alliance SNARE Syslog Snare for Windows 2.5.0, 3.0.0, and 4.0.0 PDF February 2022

SolSoft

SmartConnector For Supported Devices/Applications/Log Sources Certified Version PDF Download Last Updated On
Solsoft Policy Server Solsoft 6.0.0 and 7.0.0 PDF February 2022

Sophos

SmartConnector For Supported Devices/Applications/Log Sources Certified Version PDF Download Last Updated On
Sophos Anti-Virus DB Sophos Anti-Virus 9.0.0, 9.7.0, 10.0.0, 10.3.0, and 10.8.0 PDF February 2022

Sun ONE

SmartConnector For Supported Devices/Applications/Log Sources Certified Version PDF Download Last Updated On
Sun ONE Direct Server/Multi Server File Sun ONE Directory Server 5.0.0, 5.2.0, 6.0.0, 6.3.0, and 7.0.0 PDF February 2022
Sun ONE Web Access Server Multiple File1 Sun ONE Web Access Server 6.0 SP8 PDF February 2022

Sybase

SmartConnector For Supported Devices/Applications/Log Sources Certified Version PDF Download Last Updated On
Sybase Adaptive Server Enterprise DB Sybase Adaptive Server Enterprise 12.5.0, 15.0.0 and 16.0.0 PDF February 2022

Symantec

SmartConnector For Supported Devices/Applications/Log Sources Certified Version PDF Download Last Updated On
Symantec AntiVirus Corporate Edition File/Multiple File1 Symantec AntiVirus Corporate Edition 8.0.0, 9.0.0, and 10.0.0 PDF February 2022
Symantec Data Center Security DB Symantec Data Center Security 6.5.0 and 6.7.0 PDF February 2022
Symantec Endpoint Protection DB Symantec Endpoint Protection and Symantec Endpoint Protection Small Business

  • 12.1.0 (for Anti-Virus, Anti-Spyware, Network Threat Protection (including firewall events), Network Access Control, and Behavior events)

  • 12.1.0 and 14.0.0(for Scan, Server Admin Log, Network Threat Protection, Behavior, System Anti-Virus and Anti-Spyware Protection, Virus, and Server Policy events)

 PDF February 2022
Symantec Endpoint Protection Syslog Symantec Endpoint Protection and Symantec Endpoint Protection Small Business

  • 12.1.0 (for Anti-Virus, Anti-Spyware, Network Threat Protection (including firewall events), Network Access Control, and Behavior events)

  • 12.1.0 and 14.0.0(for Scan, Server Admin Log, Network Threat Protection, Behavior, System Anti-Virus and Anti-Spyware Protection, Virus, and Server Policy events)

 PDF February 2022
Symantec Messaging Gateway Syslog1 Symantec Messaging Gateway Syslog 9.0.0, 10.0.0, and 10.5.0 PDF February 2022

Tenable

SmartConnector For Supported Devices/Applications/Log Sources Certified Version PDF Download Last Updated On
Tenable Nessus .nessus File Nessus Vulnerability Scanner 6.5.0, 6.6.0, 6.8.0, 7.0.0, 8.3.0, and 8.3.1 PDF February 2022
Tenable SecurityCenter XML File Tenable SecurityCenter 4.6.0 PDF February 2022

TippingPoint

SmartConnector For Supported Devices/Applications/Log Sources Certified Version PDF Download Last Updated On
TippingPoint SMS Syslog1 TippingPoint SMS 2.1.0, 2.5.0, 3.0.0, 3.1.0, 3.2.0, and 3.3.0 for SMS syslog format 2.0.0 PDF February 2022
TippingPoint SMS Syslog Extended1 SMS Syslog SMS 3.2.0, 3.3.0, 3.5.0, and 3.6.0 PDF February 2022

Top Layer Attack Mitigator

SmartConnector For Supported Devices/Applications/Log Sources Certified Version PDF Download Last Updated On
Top Layer Attack Mitigator Syslog1 Top Layer Attack Mitigator Top Layer Attack Mitigator PDF February 2022

Trend Micro

SmartConnector For Supported Devices/Applications/Log Sources Certified Version PDF Download Last Updated On
Trend Micro Apex Central Multiple DB Trend Micro Apex Central versions 6.0 and 6.0 SP1

  • OfficeScan Client/Server Edition versions 10.6.0, 10.0.0, 8.0.0, 8.4.0

  • InterScan Messaging Security Suite version 7.0.0

  • ScanMail for Lotus Domino 5.5.0

 PDF February 2022
Trend Micro Control Manager Multiple DB Trend Micro Control Manager versions 6.0 and 6.0 SP1

  • OfficeScan Client/Server Edition versions 10.6.0, 10.0.0, 8.0.0, 8.4.0

  • InterScan Messaging Security Suite version 7.0.0

  • ScanMail for Lotus Domino 5.5.0

 PDF February 2022

Tripwire

SmartConnector For Supported Devices/Applications/Log Sources Certified Version PDF Download Last Updated On
Tripwire IP360 File Tripwire Device Profiler 7.4.0 and 7.5.0 PDF February 2022
Tripwire Manager File Tripwire Manager 3.0.0, 4.5.0, and 5.0.0 PDF February 2022

UNIX

SmartConnector For Supported Devices/Applications/Log Sources Certified Version PDF Download Last Updated On
UNIX Login/Logout File UNIX Login and Logout

  • Red Hat Enterprise Linux (RHEL) 6.4.0, 6.5.0, 6.7.0, 7.1.0, 7.2.0, 7.4.0, 7.5.0, 7.6.0, 8.1.0, 8.2.0, 8.3.0, and 8.4.0

  • Oracle Solaris 10 x86 64-bit

  • Oracle Solaris 11 SPARC and x86 64-bit

  • SUSE Linux 11 Enterprise Server 64-bit

 PDF February 2022
UNIX OS Syslog UNIX OS

  • Oracle Solaris 10 and 11 64-bit (SPARC)

  • Oracle Solaris 11 64-bit (x86_64)

  • HP-UX 10 and 11 (64-bit)

  • Red Hat Linux Enterprise 6.7.0, 7.0.0, 7.1.0, 7.2.0, 7.3.0, 7.4.0, 8.0.0, 8.1.0, 8.2.0, and 8.3.0 (64-bit),

  • and IBM AIX 7.1.0 (64-bit)

PDF

June 2022

VarySys

SmartConnector For Supported Devices/Applications/Log Sources Certified Version PDF Download Last Updated On
VarySys PacketAlarm IPS Syslog1 PacketAlarm 4.6.0 PDF February 2022

VMware

SmartConnector For Supported Devices/Applications/Log Sources Certified Version PDF Download Last Updated On
VMware ESXi Server Syslog VMware ESXi Server 5.5.0, 6.0.0, 6.5.0, and 7.0 PDF June 2022
VMware Web Services VMware Web Services vCenter 5.5.0, 6.0.0, and 6.5.0 are supported on ESXi servers 5.5.0, 6.0.0, and 6.5.0 PDF February 2022

Vormetric

SmartConnector For Supported Devices/Applications/Log Sources Certified Version PDF Download Last Updated On
Vormetric CoreGuard Syslog1 Vormetric CoreGuard 1.0.0 PDF February 2022

Zeek

SmartConnector For Supported Devices/Applications/Log Sources Certified Version PDF Download Last Updated On
Zeek IDS NG File

 

 Bro IDS 2.1.0, 2.3.0 PDF February 2022

Zeek

 3.1.3
1 This log source is also supported through the Amazon S3 SmartConnector. However, you need to make sure that the logs from these log sources are made available in the S3 bucket.
Note: For information about additional devices supported through Flex Connector, visit Marketplace, then select All Categories > ArcSight > ArcSight FlexConnectors.

All FlexConnectors

FlexConnector For Supported Devices/Applications/Log Sources Certified Version PDF Download Last Updated On
ArcSight FlexConnector File     PDF February 2022
ArcSight FlexConnector Regex File     PDF February 2022
ArcSight FlexConnector Time-Based DB     PDF February 2022
ArcSight FlexConnector Multiple DB     PDF February 2022
ArcSight FlexConnector ID-Based DB     PDF February 2022
ArcSight FlexConnector Regex Folder File     PDF February 2022
ArcSight FlexConnector Scanner DB     PDF February 2022
ArcSight FlexConnector XML File     PDF February 2022
ArcSight FlexConnector Scanner XML Reports     PDF February 2022
ArcSight FlexConnector CounterACT     PDF February 2022
ArcSight FlexConnector Multiple Folder File     PDF February 2022
ArcSight FlexConnector Scanner Text Reports     PDF February 2022
ArcSight FlexConnector JSON Folder Follower     PDF February 2022
ArcSight FlexConnector JSON Multiple Folder Follower     PDF February 2022
ArcSight FlexConnector REST     PDF February 2022
ArcSight FlexConnector Kafka     PDF February 2022

All Logger Forwarding Connectors

Logger Forwarding Connector For Supported Devices/Applications/Log Sources Certified Version PDF Download Last Updated On
Logger Forwarding Connector for OMi OMi 9.22.0 PDF March 2022
Logger Forwarding Connector for NNMi NNMi 10.60.0 PDF March 2022

All Model Import Connectors

Model Import Connector For Supported Devices/Applications/Log Sources Certified Version PDF Download Last Updated On
Reputation Security Monitor Plus     PDF February 2022
MISP (Open Source Threat Intelligence and Sharing Platform Solution)     PDF February 2022
1 This log source is also supported through the Amazon S3 SmartConnector. However, you need to make sure that the logs from these log sources are made available in the S3 bucket.
Note: For information about additional devices supported through Flex Connector, visit Marketplace, then select All Categories > ArcSight > ArcSight FlexConnectors.