Log Source Type IDs

 

JSA supports a number of log sources and each log source has an identifier. Use the Log Source Type IDs in a match-group statement:

The following table lists the supported log source types and their IDs.

Table 1: Log Source Type ID

| ID | Log Source Type |
|----|-----------------|
| 2 | Snort Open Source IDS |
| 3 | Check Point Firewall-1 |
| 4 | Configurable Firewall Filter |
| 5 | Juniper Networks Firewall and VPN |
| 6 | Cisco PIX Firewall |
| 7 | Configurable Authentication message filter |
| 9 | Enterasys Dragon Network IPS |
| 10 | Apache HTTP Server |
| 11 | Linux OS |
| 12 | Microsoft Windows Security Event Log |
| 13 | Windows IIS |
| 14 | Linux iptables Firewall |
| 15 | IBM Proventia Network Intrusion Prevention System (IPS) |
| 17 | Juniper Networks Intrusion Detection and Prevention (IDP) |
| 19 | TippingPoint Intrusion Prevention System (IPS) |
| 20 | Cisco IOS |
| 21 | Nortel Contivity VPN Switch |
| 22 | Nortel Multiprotocol Router |
| 23 | Cisco VPN 3000 Series Concentrator |
| 24 | Solaris Operating System Authentication Messages |
| 25 | McAfee IntruShield Network IPS Appliance |
| 26 | Cisco CSA |
| 28 | Enterasys Matrix E1 Switch |
| 29 | Solaris Operating System Sendmail Logs |
| 30 | Cisco Intrusion Prevention System (IDS) |
| 31 | Cisco Firewall Services Module (FWSM) |
| 33 | IBM Proventia Management SiteProtector |
| 35 | Cyberguard FW/VPN KS Family |
| 36 | Juniper Networks Secure Access (SA) SSL VPN |
| 37 | Nortel Contivity VPN Switch |
| 38 | Top Layer Intrusion Prevention System (IPS) |
| 39 | Universal DSM |
| 40 | Tripwire Enterprise |
| 41 | Cisco Adaptive Security Appliance (ASA) |
| 42 | Niksun 2005 v3.5 |
| 45 | Juniper Networks Network and Security Manager (NSM) |
| 46 | Squid Web Proxy |
| 47 | Ambiron TrustWave ipAngel Intrusion Prevention System (IPS) |
| 48 | Oracle RDBMS Audit Records |
| 49 | F5 Networks BIG-IP LTM |
| 50 | Solaris Operating System DHCP Logs |
| 55 | Array Networks SSL VPN Access Gateway |
| 56 | Cisco CatOS for Catalyst Switches |
| 57 | ProFTPD Server |
| 58 | Linux DHCP Server |
| 59 | Juniper Networks Infranet Controller |
| 64 | Juniper Junos OS Platform |
| 68 | Enterasys Matrix K/N/S Series Switch |
| 70 | Extreme Networks ExtremeWare Operating System (OS) |
| 71 | Sidewinder G2 Security Appliance |
| 73 | Fortinet FortiGate Security Gateway |
| 78 | SonicWall UTM/Firewall/VPN device |
| 79 | Vericept Content 360 |
| 82 | Symantec Gateway Security (SGS) Appliance |
| 83 | Juniper Steel Belted Radius |
| 85 | IBM AIX Server |
| 86 | Metainfo MetaIP |
| 87 | Symantec System Center |
| 90 | Cisco ACS |
| 92 | Forescout CounterACT |
| 93 | McAfee ePolicy Orchestrator |
| 95 | Cisco NAC Appliance |
| 96 | TippingPoint X Series Appliances |
| 97 | Microsoft DHCP Server |
| 98 | Microsoft IAS Server |
| 99 | Microsoft Exchange Server |
| 100 | Trend Interscan VirusWall |
| 101 | Microsoft SQL Server |
| 102 | Mac OS X |
| 103 | Bluecoat SG Appliance |
| 104 | Nortel Switched Firewall 6000 |
| 106 | 3Com 8800 Series Switch |
| 107 | Nortel VPN Gateway |
| 108 | Nortel Threat Protection System (TPS) Intrusion Sensor |
| 110 | Nortel Application Switch |
| 111 | Juniper DX Application Acceleration Platform |
| 112 | SNARE Reflector Server |
| 113 | Cisco 12000 Series Routers |
| 114 | Cisco 6500 Series Switches |
| 115 | Cisco 7600 Series Routers |
| 116 | Cisco Carrier Routing System |
| 117 | Cisco Integrated Services Router |
| 118 | Juniper M Series Multiservice Edge Routing |
| 120 | Nortel Switched Firewall 5100 |
| 122 | Juniper MX Series Ethernet Services Router |
| 123 | Juniper T Series Core Platform |
| 134 | Nortel Ethernet Routing Switch 8300/8600 |
| 135 | Nortel Ethernet Routing Switch 2500/4500/5500 |
| 136 | Nortel Secure Router |
| 138 | OpenBSD OS |
| 139 | Juniper EX Series Ethernet Switch |
| 140 | Symark Power Broker |
| 141 | Oracle Database Listener |
| 142 | Samhain HIDS |
| 143 | Bridgewater Systems AAA Service Controller |
| 144 | Name Value Pair |
| 145 | Nortel Secure Network Access Switch (SNAS) |
| 146 | Starent Networks Home Agent (HA) |
| 148 | IBM AS/400 iSeries |
| 149 | Foundry Fastiron |
| 150 | Juniper SRX Series Services Gateway |
| 153 | CRYPTOCard CRYPTOShield |
| 154 | Imperva Securesphere |
| 155 | Aruba Mobility Controller |
| 156 | Enterasys NetsightASM |
| 157 | Enterasys HiGuard |
| 158 | Motorola SymbolAP |
| 159 | Enterasys HiPath |
| 160 | Symantec Endpoint Protection |
| 161 | IBM RACF |
| 163 | RSA Authentication Manager |
| 164 | Redback ASE |
| 165 | Trend Micro Office Scan |
| 166 | Enterasys XSR Security Routers |
| 167 | Enterasys Stackable and Standalone Switches |
| 168 | Juniper Networks AVT |
| 169 | OS Services Qidmap |
| 170 | Enterasys A-Series |
| 171 | Enterasys B2-Series |
| 172 | Enterasys B3-Series |
| 173 | Enterasys C2-Series |
| 174 | Enterasys C3-Series |
| 175 | Enterasys D-Series |
| 176 | Enterasys G-Series |
| 177 | Enterasys I-Series |
| 178 | Trend Micro Control Manager |
| 179 | Cisco IronPort |
| 180 | Hewlett Packard UniX |
| 182 | Cisco Aironet |
| 183 | Cisco Wireless Services Module (WiSM) |
| 185 | ISC BIND |
| 186 | IBM Lotus Domino |
| 187 | HP Tandem |
| 188 | Sentrigo Hedgehog |
| 189 | Sybase ASE |
| 191 | Microsoft ISA |
| 192 | Juniper SRC |
| 193 | Radware DefensePro |
| 194 | Cisco ACE Firewall |
| 195 | IBM DB2 |
| 196 | Oracle Audit Vault |
| 197 | Cisco Firepower eStreamer (formerly known as Sourcefire Defense Center) |
| 198 | Websense V Series |
| 199 | Oracle RDBMS OS Audit Record |
| 206 | Palo Alto PA Series |
| 208 | HP ProCurve |
| 209 | Microsoft Operations Manager |
| 210 | EMC VMware |
| 211 | IBM WebSphere Application Server |
| 213 | F5 Networks BIG-IP ASM |
| 214 | FireEye |
| 215 | Fair Warning |
| 216 | IBM Informix |
| 217 | CA Top Secret |
| 218 | Enterasys NAC |
| 219 | System Center Operations Manager |
| 220 | McAfee Web Gateway |
| 221 | CA Access Control Facility (ACF2) |
| 222 | McAfee Application / Change Control |
| 223 | Lieberman Random Password Manager |
| 224 | Sophos Enterprise Console |
| 225 | NetApp Data ONTAP |
| 226 | Sophos PureMessage |
| 227 | Cyber-Ark Vault |
| 228 | Itron Smart Meter |
| 230 | Bit9 Parity |
| 231 | IBM IMS |
| 232 | F5 Networks FirePass |
| 233 | Citrix NetScaler |
| 234 | F5 Networks BIG-IP APM |
| 235 | Juniper Networks vGW |
| 239 | Oracle BEA WebLogic |
| 240 | Sophos Web Security Appliance |
| 241 | Sophos Astaro Security Gateway |
| 243 | Infoblox NIOS |
| 244 | Tropos Control |
| 245 | Novell eDirectory |
| 249 | IBM Guardium |
| 251 | Stonesoft Management Center |
| 252 | SolarWinds Orion |
| 254 | Great Bay Beacon |
| 255 | Damballa Failsafe |
| 258 | CA SiteMinder |
| 259 | IBM z/OS |
| 260 | Microsoft SharePoint |
| 261 | iT-CUBE agileSI |
| 263 | Digital China Networks DCS and DCRS Series switch |
| 264 | Juniper Security Binary Log Collector |
| 265 | Trend Micro Deep Discovery |
| 266 | Tivoli Access Manager for e-business |
| 268 | Verdasys Digital Guardian |
| 269 | Huawei S Series Switch |
| 271 | HBGary Active Defense |
| 272 | APC UPS |
| 272 | Cisco Wireless LAN Controller |
| 276 | IBM Customer Information Control System (CICS) |
| 278 | Barracuda Spam & Virus Firewall |
| 279 | Open LDAP |
| 280 | Application Security DbProtect |
| 281 | Barracuda Web Application Firewall |
| 283 | Huawei AR Series Router |
| 286 | IBM AIX Audit |
| 290 | Juniper Junos WebApp Secure |
| 291 | Nominum Vantio |
| 292 | Enterasys 800-Series Switch |
| 293 | IBM zSecure Alert |
| 294 | IBM Security Network Protection (XGS) |
| 296 | F5 Networks BIG-IP AFM |
| 297 | IBM Security Network IPS (GX) |
| 298 | Fidelis XPS |
| 299 | Arpeggio SIFT-IT |
| 300 | Barracuda Web Filter |
| 302 | Brocade FabricOS |
| 303 | ThreatGRID Malware Threat Intelligence Platform |
| 306 | Venustech Venusense Unified Threat Management |
| 307 | Venustech Venusense Firewall |
| 308 | Venustech Venusense Network Intrusion Prevention System |
| 309 | ObserveIT |
| 311 | Pirean Access: One |
| 312 | Venustech Venusense Security Platform |
| 313 | PostFix MailTransferAgent |
| 314 | Oracle Fine Grained Auditing |
| 315 | VMware vCenter |
| 316 | Cisco Identity Services Engine |
| 318 | Honeycomb Lexicon File Integrity Monitor |
| 319 | Oracle Acme Packet SBC |
| 320 | Juniper WirelessLAN |
| 330 | Arbor Networks Peakflow SP |
| 331 | Zscaler Nss |
| 332 | Proofpoint Enterprise Protection/Enterprise Privacy |
| 338 | Microsoft Hyper-V |
| 339 | Cilasoft QJRN/400 |
| 340 | Vormetric Data Security |
| 341 | SafeNet DataSecure/KeySecure |
| 343 | STEALTHbits StealthINTERCEPT |
| 344 | Juniper DDoS Secure |
| 345 | Arbor Networks Pravail |
| 346 | Trusteer Apex |
| 348 | IBM Security Directory Server |
| 349 | Enterasys A4-Series |
| 350 | Enterasys B5-Series |
| 351 | Enterasys C5-Series |
| 354 | Avaya VPN Gateway |
| 356 | DG Technology MEAS |
| 358 | CloudPassage Halo |
| 359 | CorreLog Agent for IBM zOS |
| 360 | WatchGuard Fireware OS |
| 361 | IBM Fiberlink MaaS360 |
| 362 | Trend Micro Deep Discovery Analyzer |
| 363 | AccessData InSight |
| 364 | IBM Privileged Session Recorder |
| 367 | Universal CEF |
| 369 | FreeRADIUS |
| 370 | Riverbed SteelCentral NetProfiler |
| 372 | SSH CryptoAuditor |
| 373 | IBM WebSphere DataPower |
| 374 | Symantec Critical System Protection |
| 375 | Kisco Information Systems SafeNet/i |
| 376 | IBM Federated Directory Server |
| 378 | Lastline Enterprise |
| 379 | genua genugate |
| 381 | Netskope Active |
| 382 | Okta Identity Management |
| 383 | Oracle Enterprise Manager |
| 384 | Microsoft DNS Debug |
| 385 | STEALTHbits StealthINTERCEPT Analytics |
| 386 | STEALTHbits StealthINTERCEPT Alerts |
| 387 | Universal SaaS |
| 388 | Cloudera Navigator |
| 390 | Skyhigh Networks Cloud Security Platform |
| 391 | Aruba ClearPass Policy Manager |
| 393 | Seculert Seculert |
| 394 | Trend Micro Deep Security |
| 395 | Epic SIEM |
| 396 | Enterprise-IT-Security.com SF-Sherlock |
| 397 | Microsoft Office 365 |
| 398 | Exabeam |
| 399 | Blue Coat Web Security Service |
| 400 | Carbon Black |
| 401 | Trend Micro Deep Discovery Email Inspector |
| 402 | Onapsis Inc. Onapsis Security Platform |
| 403 | CyberArk Privileged Threat Analytics |
| 404 | Palo Alto Networks Endpoint Security Manager |
| 405 | Box |
| 406 | Radware AppWall |
| 407 | CrowdStrike Falcon Host |
| 408 | IBM Sense |
| 409 | CloudLock Cloud Security Fabric |
| 410 | Vectra Networks Vectra |
| 411 | HP Network Automation |
| 412 | JSA Packet Capture |
| 413 | Microsoft Azure |
| 414 | Kaspersky Threat Feed Service |
| 415 | ESET Remote Administrator |
| 416 | Illumio Adaptive Security Platform |
| 417 | SecureAuth IdP |
| 418 | Niara |
| 419 | Cisco Cloud Web Security |
| 421 | IBM SAN Volume Controller |
| 422 | LightCyber Magna |
| 423 | Fasoo Enterprise DRM |
| 425 | Imperva Incapsula |
| 426 | IBM BigFix EDR |
| 428 | Carbon Black Protection |
| 429 | Cisco Stealthwatch |
| 430 | Amazon Virtual Private Cloud Flow Logs |