# Data Transports ## Overview A Data Transport is a type of log source that sends log types that are not natively supported by Panther—i.e., [custom log types](https://docs.panther.com/data-onboarding/custom-log-types). Using Data Transports, you can process custom data types through Panther’s log processing pipeline, map existing detections to custom data types, and map data models to custom data types. In addition to using a Data Transport to onboard your custom logs, you'll need to create a [custom schema](https://docs.panther.com/data-onboarding/custom-log-types) to normalize and classify the data. Learn about [sending compressed data](#ingesting-compressed-data-in-panther) to Panther, as well as [latency expectations](#data-transports-latency), below. ## Panther-supported Data Transports Panther currently supports the following Data Transport methods: * [HTTP (Webhook)](https://docs.panther.com/data-onboarding/data-transports/http) * [AWS](https://docs.panther.com/data-onboarding/data-transports/aws) * [S3](https://docs.panther.com/data-onboarding/data-transports/aws/s3) * [CloudWatch](https://docs.panther.com/data-onboarding/data-transports/aws/cloudwatch) * [SQS](https://docs.panther.com/data-onboarding/data-transports/aws/sqs) * [SNS](https://docs.panther.com/data-onboarding/data-transports/aws/sqs/sns) * [Amazon EventBridge](https://docs.panther.com/data-onboarding/data-transports/aws/eventbridge) * [Google Cloud](https://docs.panther.com/data-onboarding/data-transports/google) * [Cloud Storage (GCS)](https://docs.runpanther.io/data-onboarding/data-transports/gcs) * [Pub/Sub](https://docs.panther.com/data-onboarding/data-transports/google/pubsub) * [Azure Blob Storage](https://docs.panther.com/data-onboarding/data-transports/azure/blob-storage) ## Ingesting compressed data in Panther The following Data Transport mechanisms support ingesting compressed data (according to one of the [below algorithms](#supported-compression-algorithms)): * [HTTP](https://docs.panther.com/data-onboarding/data-transports/http) * [Azure Blob Storage](https://docs.panther.com/data-onboarding/data-transports/azure/blob-storage) * [AWS S3](https://docs.panther.com/data-onboarding/data-transports/aws/s3) * [GCS](https://docs.panther.com/data-onboarding/data-transports/google/cloud-storage) Panther will transparently decompress compressed data, meaning no extra headers are required. Panther's decompression works by first determining the compression algorithm each file was compressed with. This is not inferred from the file extension or metadata, but rather the content of the file itself. The inner data of a compressed payload must match the [stream type](https://docs.panther.com/custom-log-types/reference#stream-type) you've configured for your Data Transport source. ### Supported compression algorithms Panther supports the following compression formats: * [gzip](https://www.gnu.org/software/gzip/) * [zstd](https://github.com/facebook/zstd) * Panther only supports zstd data that was compressed without the use of a dictionary. ### Supported columnar formats #### Parquet Panther can transparently detect and ingest [Parquet](https://parquet.apache.org/) files with a maximum size of 100MB (compressed). The inner data of Parquet files can be compressed with the following algorithms: * gzip * snappy #### Avro Panther can transparently detect and ingest [Apache Avro](https://avro.apache.org/) Object Container Files[ ](https://avro.apache.org/docs/1.11.1/specification/#object-container-files)(OCF). The inner data of the OCF files can be compressed with any of the following algorithms: * gzip * snappy * zst ## Data Transports latency When forwarding data to Panther using a Data Transport source, you can expect data to be ingested within five minutes. After ingestion, it can then take up to two and a half minutes for an alert to be generated (when applicable). These time frames are applicable to all Data Transport sources; there is not a particular source that has a shorter latency than the others. ## Troubleshooting Data Transports Visit the Panther Knowledge Base to [view articles about data transports](https://help.panther.com/Data_Sources/Data_Transports) that answer frequently asked questions and help you resolve common errors and issues.