AlienVault® USM Anywhere™

Plugin Management

USM Anywhere plugins are software components that provide logic specific to extracting data from raw logs produced by external devices, operating systems, and applications. A plugin enriches the collected data with security-specific metadata to produce an event managed by USM Anywhere.

Within the USM Anywhere environment, a plugin has a specific scope of functionality:

Note: Plugins are different from AlienApps™. Plugins have a singular function to translate raw log data into normalized events for analysis by USM Anywhere. But AlienApps do much more, including collecting and enriching log data, performing threat analysis, and providing workflow that coordinates response actions with the infrastructure and third-party applications to provide security orchestration.