SYSLOG: As you know, Syslog is responsible for communicating the generated logs to various resources or applications and uses 514 port. Logsign SIEM uses this protocol when working with "network-based" devices. Normally, analyzing the logs on such devices is difficult and complicated to perform on the system. Logsign SIEM allows for the analysis of these logs by providing normalization of these logs within their architecture.
WMI: It is a technology that allows almost all logs to be processed and services to be controlled on Windows systems. Also known as Windows Management Instrumentation. Logsign SIEM parse real-time events and activities on your Windows systems and present them to the user in an understandable way. On Windows systems, you can analyze Security, Application and System logs on Logsign SIEM and you will have the chance to take measures against the problems that may arise in your system.
SMB: If you want to get the logs from the which system generates the log function by writing to a file and the SMB protocol moves in this step. For example, if you have a DHCP system with a Microsoft Windows or Linux operating system, Logsign SIEM reads the file and provides you with the result. Logsign SIEM product provides the user with a meaningful experience after reaching the file system logs and using the appropriate architecture in their system.
Other methods of adding resources: