Custom Logs AMA

Solution: CustomLogsAma


Attribute Value
Publisher Microsoft Corporation
Support Tier Microsoft
Support Link https://support.microsoft.com
Categories domains
Version 3.0.0
Author Microsoft - support@microsoft.com
First Published 2024-07-21
Solution Folder CustomLogsAma
Marketplace Azure Marketplace · Rating: ★★★☆☆ 3.0/5 (1 ratings) · Popularity: 🟢 High (94%)

Many applications log information to text or JSON files instead of standard logging services such as Windows Event logs, Syslog or CEF. The Custom Logs solution lets you collect events from files on both Windows and Linux computers and stream them to custom log tables that you have created. While streaming the data, you can parse and transform the contents using the data collection rule (DCR). After collecting the data, you can apply analytic rules, hunting, searching, threat intelligence, enrichments and more.

NOTE: Use this connector for the following devices: Cisco Meraki, Zscaler Private Access (ZPA), VMware vCenter, Apache HTTP Server, Apache Tomcat, JBoss Enterprise Application Platform, Juniper IDP, MarkLogic Audit, MongoDB Audit, Nginx HTTP Server, Oracle WebLogic Server, PostgreSQL Events, Squid Proxy, Ubiquiti UniFi, SecurityBridge Threat Detection SAP and AI Vectra Stream.

Data Connectors

This solution provides 1 data connector(s):

🔶 CLv1: This connector ingests into a table that uses the legacy Custom Log V1 schema format with type-suffixed column names (e.g. _s, _d, _b, _t, _g). Note: identification is based on column name suffixes which are also permitted in CLv2, so this classification may not always be accurate.

Tables Used

This solution uses 16 table(s):

Table Used By Connectors Used By Content
ApacheHTTPServer_CL Custom logs via AMA -
JBossEvent_CL Custom logs via AMA -
JuniperIDP_CL Custom logs via AMA -
MarkLogicAudit_CL Custom logs via AMA -
MongoDBAudit_CL Custom logs via AMA -
NGINX_CL Custom logs via AMA -
OracleWebLogicServer_CL Custom logs via AMA -
PostgreSQL_CL Custom logs via AMA -
SecurityBridgeLogs_CL Custom logs via AMA -
SquidProxy_CL 🔶 Custom logs via AMA -
Tomcat_CL Custom logs via AMA -
Ubiquiti_CL Custom logs via AMA -
VectraStream_CL 🔶 Custom logs via AMA -
ZPA_CL Custom logs via AMA -
meraki_CL Custom logs via AMA -
vcenter_CL Custom logs via AMA -

🔶 CLv1: This table uses the legacy Custom Log V1 schema format with type-suffixed column names (e.g. _s, _d, _b, _t, _g). Note: identification is based on column name suffixes which are also permitted in CLv2, so this classification may not always be accurate.

Release Notes

Version Date Modified (DD-MM-YYYY) Change History
3.0.0 08-08-2024 Initial Solution Release
