Docs Home
Panther.com
Release Notes
Demo Request
Search…
Overview
Quick Start
Data Sources & Transports
Data Transports
Supported Logs
1Password Logs
Apache Logs
Asana Logs
Atlassian Logs
AWS Logs
Box Logs
Cisco Umbrella Logs
Cloudflare Logs
CrowdStrike Logs
Duo Security Logs
Fastly Logs
Fluentd Logs
GCP Logs
Github Logs
GitLab Logs
G Suite Logs
Juniper Logs
Lacework Logs
Microsoft 365 Logs
Nginx Logs
Okta Logs
OneLogin Logs
Osquery Logs
OSSEC Logs
Salesforce Logs
Sophos Logs
Slack Logs
Snyk Logs
Suricata Logs
Syslog Logs
Teleport Logs
Zeek Logs
Zoom Logs
Zendesk Logs
Custom Logs
Monitoring Log Sources
Writing Detections
Cloud Security Scanning
Destinations
Data Analytics
Enrichment (Beta)
System Configuration
Alert Runbooks
Panther API (Beta)
Guides
Help
Powered By
GitBook
Supported Logs
Panther supports 90+ security log types across 33 different categories
Overview
Panther has native schema support for all of the following sources, with different supported methods to ingest data depending on the log source.
If you do not see a needed source listed as supported, you can either define your own log type via a
Custom Log
entry or
request support of a new log source
.
Panther Supported Logs
​
1Password
​
​
ItemUsage
​
​
SignInAttempt
​
​
Apache
​
​
AccessCombined
​
​
AccessCommon
​
​
Asana
​
​
Audit
​
​
Atlassian
​
​
Audit
​
​
AWS
​
​
ALB
​
​
AuroraMySQLAudit
​
​
CloudTrail
​
​
CloudTrailDigest
​
​
CloudTrailInsight
​
​
CloudWatchEvents
​
​
GuardDuty
​
​
S3ServerAccess
​
​
VPCDns
​
​
VPCFlow
​
​
WAFWebACL
​
​
Box
​
​
Event
​
​
CiscoUmbrella
​
​
CloudFirewall
​
​
DNS
​
​
IP
​
​
Proxy
​
​
Cloudflare
​
​
Firewall
​
​
HttpRequest
​
​
Spectrum
​
​
CrowdStrike
​
​
AIDMaster
​
​
ActivityAudit
​
​
AppInfo
​
​
CriticalFile
​
​
DNSRequest
​
​
DetectionSummary
​
​
GroupIdentity
​
​
ManagedAssets
​
​
NetworkConnect
​
​
NetworkListen
​
​
NotManagedAssets
​
​
ProcessRollup2
​
​
ProcessRollup2Stats
​
​
SyntheticProcessRollup2
​
​
Unknown
​
​
UserIdentity
​
​
UserInfo
​
​
UserLogonLogoff
​
​
Duo
​
​
Administrator
​
​
Authentication
​
​
OfflineEnrollment
​
​
Telephony
​
​
Fastly
​
​
Access
​
​
Fluentd
​
​
Syslog3164
​
​
Syslog5424
​
​
GCP
​
​
AuditLog
​
​
Github
​
​
Audit
​
​
GitLab
​
​
API
​
​
Audit
​
​
Exceptions
​
​
Git
​
​
Integrations
​
​
Production
​
​
G Suite
​
​
EventActivity
​
​
Reports
​
​
Juniper
​
​
Access
​
​
Audit
​
​
Firewall
​
​
MWS
​
​
Postgres
​
​
Security
​
​
Lacework
​
​
Events
​
​
Microsoft 365
​
​
Audit.AzureActiveDirectory
​
​
Audit.Exchange
​
​
Audit.General
​
​
Audit.SharePoint
​
​
DLP.All
​
​
Nginx
​
​
Access
​
​
Okta
​
​
SystemLog
​
​
OneLogin
​
​
Events
​
​
Osquery
​
​
Batch
​
​
Differential
​
​
Snapshot
​
​
Status
​
​
OSSEC
​
​
EventInfo
​
​
Salesforce
​
​
Login
​
​
LoginAs
​
​
Logout
​
​
URI
​
​
Sophos
​
​
Central
​
​
Slack
​
​
AccessLogs
​
​
AuditLogs
​
​
IntegrationLogs
​
​
Suricata
​
​
Anomaly
​
​
DNS
​
​
Syslog
​
​
RFC3164
​
​
RFC5424
​
​
Teleport
​
​
TeleportAudit
​
​
Zeek
​
​
DNS
​
​
Zoom
​
​
Activity
​
​
Operation
​
​
Zendesk
​
​
Audit
​
Previous
Google Cloud Storage (GCS) Source
Next
1Password Logs
Last modified
24d ago
Copy link
Contents
Overview
Panther Supported Logs