Data Collection Types are the ways that you integrate your devices in Logsign Unified SecOps Platform . You can choose and configure the integration types you want to use.
Logsign are able to add new plugins with full free plugin service according to your requests for custom integrations.
Logsign provides the following data collection integration types:
- API
- MSSQL
- ORACLE
- SFTP
- SMBSHARE
- WMI
- SYSLOG
- NETFLOW
- LOGSIGN_LEAF
- FILE ORBIS
- GTB
API
API protocol is one of the source addition options of the Logsign.
Logsign connects to the any softwares that are working on cloud you want to polls the datas periodically with API Integration.
MSSQL
MSSQL protocol is one of the source addition options of the Logsign. If your product, device, or software you are using logs on the SQL Databases, Logsign Unified SecOps Platform will read that file and provide you with relevant results.
There are two options on MSSQL Integrations. You can get datas from any table or poll audit logs.
Logsign connects to the databases you want to add with MSSQL port (1433) and polls the datas periodically.
ORACLE
ORACLE protocol is one of the source addition options of the Logsign. If your product, device, or software you are using logs on the ORACLE databases, Logsign Unified SecOps Platform will read that file and provide you with relevant results.
There are two options on ORACLE Integrations. You can get datas from any table or poll audit logs.
Logsign connects to the databases you want to add with ORACLE port and polls the datas periodically.
SFTP
SFTP protocol is one of the source addition options of the Logsign. If your product, device, or software you are using logs on the file in Linux OS, Logsign Unified SecOps Platform will read that file and provide you with relevant results.
Logsign connects to the source you want to add with sftp port (22) and polls the datas periodically.
SMB
SMB protocol is one of the source addition options of the Logsign. If your product, device, or software you are using logs on the file, Logsign Unified SecOps Platform will read that file and provide you with relevant results.
Logsign connects to the source you want to add with smb port (139 & 445) and polls the datas periodically.
WMI
WMI protocol is one of the source addition options of the Logsign. If you want to read EventViewer logs, Logsign Unified SecOps Platform will read that and provide you with relevant results.
Logsign connects to the source you want to add with wmi port (135) and polls the datas from event viewer periodically.
SYSLOG
Syslog protocol is one of the source addition options of the Logsign. If you want to get datas from any source that has syslog forwarding feature, Logsign Unified SecOps Platform will read that datas and provide you with relevant results.
Logsign gets sources' datas you want to add with syslog port (udp 514 / Tcp 515 ) as real time.
NETFLOW
Netflow protocol is one of the source addition options of the Logsign. Layer 2-3 traffic analysis can be performed by integrating flow into Logsign.
There are three options for Netflow integration. When you integrate your devices, flow type can be selected as NETFLOW, SFLOW and IPFIX.
Logsign gets sources' datas you want to add with NETFLOW (2056), SFLOW (6343) and IPFIX(4739) ports as real time.
LOGSIGN_LEAF
Logsign leaf protocol is one of the source addition options of the Logsign.
Collectors installed in one or more locations, they get datas from resources that you want to add. After parse and normalize the datas they forward logs to the central Logsign Unified SecOps Platform.
With the Logsign Leaf integration type, collected, normalized and parsed datas can be integrated in Logsign.