AlienVault® USM Anywhere™
Supported USM Anywhere Plugins for Common Data Sources
USM Anywhere plugins process data collected from many different data sources, parsing and normalizing the data, and then saving the data as standard format events in the database. USM Anywhere correlates events using rules, and generates alarms when they match the specified conditions. Users can then view and analyze these events and alarms in USM Anywhere. Plugins also work with AlienApps™, which provide additional functionality such as enriching the original log data with information from other sources, performing threat analysis, providing workflow, and coordinating or orchestrating specific actions within an organization's infrastructure and other third-party applications.
Note: For more information about how plugins work, and how to use them, refer to USM Anywhere Plugin Management.
This section provides integration information for the most commonly-used data sources supported by plugins provided in USM Anywhere. For each integration, the instructions describe how to configure the data source to send log data to USM Anywhere, how to select and enable the plugin in USM Anywhere, the fields collected by each plugin, and where to obtain additional configuration and troubleshooting information from the data source vendor's website.
Note: For a list of all the plugins that USM Anywhere supports, see the USM Anywhere Supported Plugins List. Plugins in USM Anywhere are not the same as those used by USM Appliance.