Understanding Data Collection Types

Data Collection Types are the ways that you integrate your devices in Logsign Unified SecOps Platform . You can choose and configure the integration types you want to use.
Logsign are able to add new plugins with full free plugin service according to your requests for custom integrations.


Logsign provides the following data collection integration types:

  • API
  • MSSQL
  • ORACLE
  • SFTP
  • SMBSHARE
  • WMI
  • SYSLOG
  • NETFLOW
  • LOGSIGN_LEAF
  • FILE ORBIS
  • GTB

API

API protocol is one of the source addition options of the Logsign.

Logsign connects to the any softwares that are working on cloud you want to polls the datas periodically with API Integration.

MSSQL

MSSQL protocol is one of the source addition options of the Logsign. If your product, device, or software you are using logs on the SQL Databases, Logsign Unified SecOps Platform will read that file and provide you with relevant results. 

There are two options on MSSQL Integrations. You can get datas from any table or poll audit logs.
Logsign connects to the databases you want to add with MSSQL port (1433) and polls the datas periodically.

ORACLE

ORACLE protocol is one of the source addition options of the Logsign. If your product, device, or software you are using logs on the ORACLE databases, Logsign Unified SecOps Platform will read that file and provide you with relevant results. 

There are two options on ORACLE Integrations. You can get datas from any table or poll audit logs.
Logsign connects to the databases you want to add with ORACLE port and polls the datas periodically.

SFTP

SFTP protocol is one of the source addition options of the Logsign. If your product, device, or software you are using logs on the file in Linux OS, Logsign Unified SecOps Platform will read that file and provide you with relevant results. 

Logsign connects to the source you want to add with sftp port (22) and polls the datas periodically.

SMB

SMB protocol is one of the source addition options of the Logsign. If your product, device, or software you are using logs on the file, Logsign Unified SecOps Platform will read that file and provide you with relevant results. 

Logsign connects to the source you want to add with smb port (139 & 445) and polls the datas periodically.

WMI

WMI protocol is one of the source addition options of the Logsign. If you want to read EventViewer logs, Logsign Unified SecOps Platform will read that and provide you with relevant results. 

Logsign connects to the source you want to add with wmi port (135) and polls the datas from event viewer periodically.

SYSLOG

Syslog protocol is one of the source addition options of the Logsign. If you want to get datas from any source that has syslog forwarding feature, Logsign Unified SecOps Platform will read that datas and provide you with relevant results. 

Logsign gets sources' datas you want to add with syslog port (udp 514 / Tcp 515 ) as real time.

NETFLOW

Netflow protocol is one of the source addition options of the Logsign. Layer 2-3 traffic analysis can be performed by integrating flow into Logsign.
There are three options for Netflow integration. When you integrate your devices, flow type can be selected as NETFLOW, SFLOW and IPFIX.

Logsign gets sources' datas you want to add with NETFLOW (2056), SFLOW (6343) and IPFIX(4739) ports as real time.

LOGSIGN_LEAF

Logsign leaf protocol is one of the source addition options of the Logsign.

Collectors installed in one or more locations, they get datas from resources that you want to add. After parse and normalize the datas they forward logs to the central Logsign Unified SecOps Platform. 
With the Logsign Leaf integration type, collected, normalized and parsed datas can be integrated in Logsign.

 

 

 

Was this article helpful?
2 out of 3 found this helpful

Articles in this section

See more
Become a Certified Logsign User/Administrator
Sign-up for Logsign Academy and take the courses to learn about Logsign USO Platform in detail. Enjoy the courses, and get your badges and certificates. In these courses, you'll learn how to use Logsign in your work and add value to your career.
Visit Our Blog
Our Logsign USO Platform illustrate our expertise. So do the blog. Through our blog posts, deepen your knowledge on various SecOps topics or get updated about important news & modern approaches for cybersecurity. Get into the habit of reading valuable information provided by Logsign. Be a step ahead.