Please enable JavaScript.
Coggle requires JavaScript to display documents.
Azure Sentinel - Data Connections - Coggle Diagram
Azure Sentinel - Data Connections
Service to service integration
Amazon Web Services - CloudTrail
Azure Active Directory - audit logs and sign-in logs
Azure Activity
Azure AD Identity Protection
Azure DDoS Protection
Azure Defender for IoT (formerly Azure Security Center for IoT)
Azure Information Protection
Azure Firewall
Azure Security Center - alerts from Azure Defender solutions
Azure Web Application Firewall (WAF) (formerly Microsoft WAF)
Cloud App Security
Domain name server
Microsoft 365 Defender - includes M365D incidents and Defender for Endpoint raw data
Microsoft Defender for Endpoint (formerly Microsoft Defender Advanced Threat Protection)
Microsoft Defender for Identity (formerly Azure Advanced Threat Protection)
Microsoft Defender for Office 365 (formerly Office 365 Advanced Threat Protection)
Office 365 (now with Teams!)
Windows firewall
Windows security events
External solutions via API
Agari Phishing Defense and Brand Protection
Alcide kAudit
Barracuda WAF
Barracuda CloudGen Firewall
BETTER Mobile Threat Defense
Beyond Security beSECURE
Cisco Umbrella
Citrix Analytics (Security)
F5 BIG-IP
Forcepoint DLP
Google Workspace (formerly G Suite)
NXLog (Windows) DNS Logs
NXLog LinuxAudit
Okta SSO
Orca Security
Perimeter 81 logs
Proofpoint On Demand (POD) Email Security
Proofpoint TAP
Qualys VM
Salesforce Service Cloud
Sophos Cloud Optix
Squadra Technologies secRMM
Symantec ICDX
VMware Carbon Black Cloud Endpoint Standard
Zimperium
External solutions via agent - Firewalls, proxies and endpoints - CEF
AI Vectra Detect
Akamai Security Events
Aruba ClearPass
Broadcom Symantec DLP
Check Point
Cisco ASA
Citrix WAF
CyberArk Enterprise Password Vault
ExtraHop Reveal(x)
F5 ASM
Forcepoint products
Fortinet
Illusive Networks AMS
Imperva WAF Gateway
One Identity Safeguard
Palo Alto Networks
Thycotic Secret Server
Trend Micro Deep Security
Trend Micro TippingPoint
WireX Network Forensics Platform
Zscaler
Other CEF-based appliances
External solutions via agent - Firewalls, proxies, and endpoints - Syslog
Alsid for Active Directory
Cisco Meraki
Cisco Unified Computing System (UCS)
Infoblox NIOS
Juniper SRX
Pulse Connect Secure
Sophos XG
Squid Proxy
Symantec Proxy SG
Symantec VIP
VMware ESXi
Other Syslog-based appliances
Apache HTTP Server
DLP solutions
Threat intelligence providers
DNS machines - agent installed directly on the DNS machine
Azure Stack VMs
Linux servers
Other clouds