Integrations

Search UI

Serverless

Protect, investigate, and respond to complex threats by unifying the capabilities of SIEM, endpoint security, and cloud security.

Elastic Security

A reference table for all Elastic integrations

Integrations quick reference

Collect logs from 1Password with Elastic Agent.

1Password

Collect logs and metrics from ActiveMQ instances with Elastic Agent.

ActiveMQ

Airflow

Collect logs from Akamai with Elastic Agent.

Akamai

Collect logs from Amazon Security Lake with Elastic Agent.

Amazon Security Lake

Collect logs and metrics from Apache servers with Elastic Agent.

Apache HTTP Server

Collect, analyze, and view logs and metrics from Apache—a free and open-source web server software.

Apache

Collect metrics from Apache Spark with Elastic Agent.

Apache Spark

Collect and parse logs and metrics from Apache Tomcat servers with Elastic Agent.

Apache Tomcat

Monitor, detect, and diagnose complex application performance issues.

Elastic APM

Collect logs and metrics from Arista NG Firewall.

Arista NG Firewall

Collect logs from Atlassian Bitbucket with Elastic Agent.

Atlassian Bitbucket

Collect logs from Atlassian Confluence with Elastic Agent.

Atlassian Confluence

Collect logs from various Atlassian products. Atlassian develops collaboration and project management tools for software development teams.

Atlassian

Collect logs from Atlassian Jira with Elastic Agent.

Atlassian Jira

Collect logs from Linux audit daemon with Elastic Agent.

Auditd Logs

Collect logs from Auditd. Auditd is a user-space component of the Linux Auditing System that records and tracks security-related events for monitoring and analysis purposes.

Auditd

The Auditd Manager Integration receives audit events from the Linux Audit Framework that is a part of the Linux kernel.

Auditd Manager

Collect logs from Auth0 with Elastic Agent.

Auth0

Collect logs and metrics from Amazon Web Services (AWS) with Elastic Agent.

Collect AWS Bedrock model invocation logs with Elastic Agent.

AWS Bedrock

Collect raw logs from AWS S3 or CloudWatch with Elastic Agent.

Custom AWS Logs

Collects metrics from containers and tasks running on Amazon ECS clusters with Elastic Agent.

AWS Fargate

Stream logs from Amazon Data Firehose into Elastic Cloud.

Amazon Data Firehose

This Elastic integration collects logs from Azure

Azure Logs

Collect logs and metrics from Azure App Service with Elastic Agent.

Azure App Service

Collect application insights metrics from Azure Monitor with Elastic Agent.

Azure Application Insights Metrics Overview

Collect billing metrics with Elastic Agent.

Azure Billing Metrics

Collect log data from configured Azure Blob Storage Container with Elastic Agent.

Custom Azure Blob Storage Input

This Elastic integration collects logs from Azure Frontdoor.

Azure Frontdoor

Get metrics and logs from Azure Functions

Azure Functions

Collect metrics from Azure resources with Elastic Agent.

Azure Resource Metrics

Collect logs from Azure Network Watcher NSG with Elastic Agent.

Azure Network Watcher NSG

Collect logs from Azure Network Watcher VNet with Elastic Agent.

Azure Network Watcher VNet

Azure OpenAI

Collect logs from Barracuda Web Application Firewall with Elastic Agent.

Barracuda Web Application Firewall

Collect logs from Barracuda CloudGen Firewall devices with Elastic Agent.

Barracuda CloudGen Firewall Logs

Collect logs from various Barracuda products. Barracuda provides security, networking, and storage products based on network appliances and cloud services.

Barracuda

BBOT is a recursive internet scanner inspired by Spiderfoot, but designed to be faster, more reliable, and friendlier to pentesters, bug bounty hunters, and developers.

BBOT (Bighuge BLS OSINT Tool)

Package to identify beaconing activity in your network events.

Network Beaconing Identification

Beat

Ingest BitDefender GravityZone logs and data

BitDefender

Collect logs from Bitwarden with Elastic Agent.

Bitwarden

Deprecated. Director is no longer supported.

Blue Coat Director Logs (Deprecated)

Box Events

Collect logs from VMWare Carbon Black Cloud with Elastic Agent.

VMware Carbon Black Cloud

Collect logs from VMware Carbon Black EDR with Elastic Agent.

VMware Carbon Black EDR

This Elastic integration collects logs and metrics from cassandra.

Cassandra

Collect logs from CEF Logs with Elastic Agent.

Common Event Format (CEF)

Collect custom events from an API with Elastic agent

Custom API using Common Expression Language

This Elastic integration collects metrics from Ceph instance.

Ceph

Collect logs from Check Point with Elastic Agent.

Check Point

This package allows the ingest of known exploited vulnerabilities according to the Cybersecurity and Infrastructure Security Agency of the United States of America. This information could be used to enrich or track exisiting vulnerabilities that are known to be exploited in the wild.

CISA Known Exploited Vulnerabilities

Cisco Aironet

Collect logs from Cisco ASA with Elastic Agent.

Cisco ASA

Collect logs from Cisco Duo with Elastic Agent.

Cisco Duo

Collect logs from Cisco FTD with Elastic Agent.

Cisco FTD

Collect logs from various Cisco products. Cisco is a leader in networking hardware, software, and services, offering a wide range of products for networking and communication needs.

Cisco

Collect logs from Cisco IOS with Elastic Agent.

Cisco IOS

Collect logs from Cisco ISE with Elastic Agent.

Cisco ISE

Collect logs from Cisco Meraki with Elastic Agent.

Cisco Meraki

Collect logs from Cisco Nexus with Elastic Agent.

Cisco Nexus

Collect logs from Cisco Secure Email Gateway with Elastic Agent.

Cisco Secure Email Gateway

Collect logs from Cisco Secure Endpoint (AMP) with Elastic Agent.

Cisco Secure Endpoint

Collect logs from Cisco Umbrella with Elastic Agent.

Cisco Umbrella

This Elastic integration collects logs and metrics from Citrix ADC product.

Citrix ADC

Collect logs and metrics from various Citrix products. Citrix is trusted by millions of cloud users and thousands of companies across the globe.

Citrix

Ingest events from Citrix Systems Web App Firewall.

Citrix Web App Firewall

Elastic Defend for Containers (BETA) provides cloud-native runtime protections for containerized environments.

Defend for Containers

Identify & remediate configuration risks in your Cloud infrastructure

Security Posture Management

Collect logs from Cloudflare with Elastic Agent.

Cloudflare

Collect logs from various Cloudflare products. Cloudflare provides content delivery network services, cloud cybersecurity, DDoS mitigation, and ICANN-accredited domain registration services.

Collect and parse logs from Cloudflare API with Elastic Agent.

Cloudflare Logpush

Collect metrics from CockroachDB servers with Elastic Agent.

CockroachDB Metrics

Collect metrics from containerd containers.

Containerd

Collect logs from CoreDNS instances with Elastic Agent.

CoreDNS

Collect metrics from Couchbase databases with Elastic Agent.

Couchbase

Collect metrics from CouchDB with Elastic Agent.

CouchDB

Cribl

Collect logs from Crowdstrike with Elastic Agent.

CrowdStrike

Collect logs from various CyberArk products. CyberArk is a security software specializing in large-scale corporate privilege access management.

CyberArk

Collect security logs from Cyberark PTA integration.

Cyberark Privileged Threat Analytics

Collect logs from CyberArk Privileged Access Security with Elastic Agent.

CyberArk Privileged Access Security

Collect logs from Cybereason with Elastic Agent.

Cybereason

Collect logs from CylanceProtect devices with Elastic Agent.

CylanceProtect Logs

Collect logs from Darktrace with Elastic Agent.

Darktrace

ML package to detect data exfiltration in your network and file data.

Data Exfiltration Detection

ML solution package to detect domain generation algorithm (DGA) activity in your network data.

Domain Generation Algorithm Detection

Collect metrics and logs from Docker instances with Elastic Agent.

Docker

Collect logs and metrics from Elastic Agents.

Elastic Agent

Collect metrics from a Elastic Package Registry instance

Elastic Package Registry

Collect logs and metrics from various Elastic products.

Elastic Stack Monitoring

Elasticsearch

Protect your hosts and cloud workloads with threat prevention, detection, and deep security data visibility.

Elastic Defend

Enterprise Search

Collect User Identities from Active Directory Entity with Elastic Agent.

Active Directory Entity Analytics

Collect identities from Microsoft Entra ID (formerly Azure Active Directory) with Elastic Agent.

Microsoft Entra ID Entity Analytics

Collect User Identities from Okta with Elastic Agent.

Okta Entity Analytics

Collect logs from ESET PROTECT with Elastic Agent.

ESET PROTECT

Collect metrics from etcd instances with Elastic Agent.

etcd

Deprecated. Use the F5 BIG-IP package instead.

F5 Logs (Deprecated)

Collect logs from F5 BIG-IP with Elastic Agent.

Article navigation