Logs | Integrations | Panther Labs

Logs

View All Integrations

1Password

Monitor your password management platform for suspicious activity.

Apache

Inspect all web activity for signs of suspicious behavior.

Asana

Monitor Asana audit logs to identify suspicious activity in real-time.

Atlassian

Monitor Atlassian audit logs to identify suspicious activity in real-time.

Auditd

Monitor system-level activities in your Linux environment.

Auth0

Monitor user authentication and authorization activities in Auth0.

AWS ALB

Monitor requests sent to your load balancer for suspicious activity.

AWS Aurora

Monitor and detect any suspicious database events.

AWS CloudTrail

Identify any suspicious activity within your AWS infrastructure.

AWS CloudWatch

Monitor any resource changes within your AWS environment.

AWS Config

Monitor the configuration of your AWS resources.

AWS EKS

Monitor your Kubernetes environment for suspicious activity.

AWS GuardDuty

Monitor your AWS environment for malicious activity and unauthorized behavior.

AWS S3

Monitor all requests made to AWS S3 buckets.

AWS Security Hub

Correlate AWS Security Hub findings.

AWS Transit Gateway

Monitor the IP traffic flowing through your transit gateway.

AWS VPC

Monitor the IP traffic going to and from network interfaces in your VPC.

AWS WAF

Investigate traffic that is analyzed by your web Access Control Lists (ACLs).

Azure

Continuously monitor your Azure account.

Bitwarden

Identify any abnormal user activity in your organization's Bitwarden account.

Box

Gain complete visibility into your organization’s content management and file sharing.

Carbon Black

Monitor endpoint activity for suspicious behavior.

Cisco Umbrella

Identify any suspicious or malicious domain addresses or DNS requests.

Cloudflare

Inspect network traffic for signs of suspicious behavior.

CrowdStrike

Gain complete visibility into your managed endpoints.

Docker

Gain complete visibility into your Docker system events.

Dropbox

Identify any suspicious file-sharing activity within your organization.

Duo

Monitor your access management tools for suspicious activity.

Envoy

Monitor network activity for suspicious behavior.

Fastly

Monitor network traffic for signs of suspicious behavior.

Fluentd

Inspect application activity for any signs of suspicious behavior.

GCP

Gain complete visibility into activity across your cloud service.

GitHub

Identify any vulnerabilities within your GitHub repositories.

GitLab

Identify any suspicious behavior within your GitLab environment.

Google Workspace

Identify any suspicious activity within your Google Workspace applications.

Heroku

Monitor your Heroku applications, infrastructure, and admin actions.

Jamf Pro

Monitor Jamf Pro login events for suspicious activity.

Juniper

Monitor network traffic for attack attempts or probes.

Lacework

Gain complete visibility into your cloud and container environments.

Microsoft 365

Monitor your team’s communication and collaboration tools for suspicious activity.

Microsoft Graph

Monitor security alerts across Microsoft products, services, and partners.

MongoDB Atlas

Monitor events within your MongoDB Atlas organization or project.

Netskope

Identify any suspicious cloud-based app or service activity.

Nginx

Monitor Nginx access logs and gain complete visibility into web server activity.

Notion

Continuously monitor your Notion workspace.

Okta

Monitor Okta logs to gain complete visibility into your IdP activity.

OneLogin

Monitor your IdP for suspicious activity.

Osquery

Gain complete visibility into your operating system activity.

OSSEC

Monitor OSSEC logs to gain complete security visibility into host activity.

Salesforce

Monitor your sales operations data for suspicious activity.

SentinelOne

Monitor your endpoint data, network activity, and DNS requests.

Slack

Monitor your team’s communication platform for suspicious activity.

Snyk

Monitor for any changes within your Snyk Organization.

Sophos

Monitor endpoint policy violations and data loss prevention events.

Suricata

Identify any suspicious traffic or domain activity.

Sysdig

Gain complete visibility into Sysdig platform activity.

Syslog

Monitor machine and network activity for suspicious behavior.

Tailscale

Monitor your team’s Tailscale network.

Teleport

Inspect all SSH access activity for signs of suspicious behavior.

Tenable

Gain complete visibility into your network assets.

Tines

Monitor any changes within your Tines tenant.

Windows Event

Monitor application, system, and security notifications from Windows machines.

Zeek

Inspect network traffic and DNS protocols for suspicious activity.

Zendesk

Monitor unusual activity within your Zendesk account.

Zoom

Monitor abnormal user activity within your Zoom account.