ALIENVAULT USM APPLIANCE PLUGINS LIST

This is the current plugin library that ships with AlienVault USM Appliance as of May 21, 2019.

The AlienVault Labs Security Research Team regularly updates the plugin library to increase the extensibility of USM Appliance. These plugins enable your USM Appliance to process and analyze logs produced by your existing devices and applications quickly.

Plugin Name Vendor Model
a10-thunder-waf A10 Thunder WAF
abas abas ERP abas
accellion-kiteworks Accellion Kiteworks
actiontec Actiontec Verizon FIOS
adaudit-plus ManageEngine ADAudit Plus
aerohive-wap Aerohive Networks Wireless Access Point
airlock Envault Airlock
airport-extreme Apple AirPort Extreme
aix-audit IBM Aix Audit
aladdin SafeNet eSafe
alcatel Alcatel Arista Switch
allot Allot Communications NetEnforcer
alteonos Networks Alteon
amun-honeypot Amun Amun Honeypot
apache Apache Software Foundation Apache HTTP Server
apache-ldap Apache Software Foundation OpenLDAP
apache- Apache Software Foundation Apache HTTP Server
apache-tomcat Apache Software Foundation Tomcat
aqtronix-webknight AQTRONiX WebKnight
arista-switch Arista Switches
arpalert-idm Arpalert Arpalert
arpalert-syslog Arpalert Arpalert
array-networks-sag Array Networks Secure Access Gateway
artemisa Artemisa Artemisa Honeypot
artica Artica Proxy
artillery Binary Defense Artillery Honeypot
aruba Aruba Networks Mobility Access Switches
aruba-6 Aruba Networks Wireless
aruba-airwave Aruba Networks Airwave
aruba-clearpass Aruba Networks ClearPass
as400 IBM AS400
ascenlink Xtera AscenLink
assp Anti-Spam SMTP Proxy Anti-Spam SMTP Proxy
asterisk-voip Asterisk VoIP
asus-router AsusTek Wireless Router
avast Avast Free Antivirus
Avaya VSP switches
avaya-gateway Avaya Media Gateway
avaya-wireless Avaya Wireless LAN
axigen-mail GeCAD Axigen Mail Server
azure-atp Microsoft Advanced Threat Protection
barracuda-link-balancer Barracuda Link Balancer
barracuda-ng Barracuda Next Gen
barracuda-spam Barracuda Spam Firewall
barracuda-sslvpn Barracuda SSL VPN
barracuda-waf Barracuda Web
barracuda-webfilter Barracuda Web Filter
bind ISC BIND
bit9 Carbon Black Enterprise Protection
bit9_v7 Carbon Black Enterprise Protection
bitdefender-gravityzone Bitdefender GravityZone
blackboard-learn Blackboard Learn
bluecoat Blue Coat ProxySG
bluecoat-packetshaper Blue Coat PacketShaper
bomgar Bomgar Remote Support and Privileged Access
bro-ids Bro Bro NSM
brocade Brocade Brocade Devices
bromium-vsentry Bromium vSentry
buffalo Buffalo Americas TeraStation
canary-tools Canary Tools
carbonblack Carbon Black Enterprise Response
carbonblack-idm Carbon Black Enterprise Response
cb-defense Carbon Black Defense

cerberus-ftp Cerberus FTP Server
checkpoint-mepp Check Point Media Encryption and Port Protection
cisco-3030 Cisco VPN 3000 Series
cisco-ace Cisco ACE Application Control Engine
cisco-acs Cisco ACS Secure Access Control Server
cisco-acs-idm Cisco ACS Secure Access Control Server
cisco-asa Cisco ASA Adaptive Security Appliance
cisco-asr Cisco ASR Aggregation Services Router
cisco-call Cisco Call Manager
cisco-cube Cisco Cisco Unified Border Element
cisco-cucm Cisco Unified Communications Manager
cisco-esa Cisco AsyncOS Email Security Appliances
cisco-expressway Cisco Expressway
cisco-firepower Cisco FirePower
cisco-fw Cisco Firewall Services Module
cisco-ids Cisco IDS Intrusion Detection System
cisco-ips Cisco IPS Intrusion Prevention System
cisco-ips-syslog Cisco IPS Intrusion Prevention System
cisco-isa Cisco ISA
cisco-ise Cisco ISE
cisco-meraki Cisco Meraki
cisco-nexus-nx-os Cisco NX-OS
cisco-ngips Cisco NGIPS Next Generation Intrusion Prevention System
cisco-pix Cisco PIX Private Internet eXchange
cisco-prime Cisco Prime
cisco-router Cisco Router
cisco-rv Cisco RV Series VPN Router
cisco-ucs Cisco Unified Computing System
cisco-viptela Cisco Viptela
cisco-vpn Cisco VPN
cisco-wlc Cisco Wireless LAN Controller
citrix-netscaler Citrix Systems NetScaler
clamav ClamAV ClamAV
clamwin-nxlog ClamWin ClamWin Free Antivirus
claroty-platform Claroty Platform
clearswift Clearswift Secure Email Gateway
cloudpassage CloudPassage Halo

clurgmgr Resource Group (Cluster Service) Manager Daemon
comodo-antivirus Comodo Antivirus
contentkeeper-sig ContentKeeper Secure Internet Gateway
corero-ips Corero IPS
correlog CorreLog CorreLog Windows Agent and Toolkit
coslat-hotspot Coslat Security Systems Hotspot
courier Courier-MTA Courier Mail Server
crowdstrike CrowdStrike Falcon Host
crushftp CrushFTP CrushFTP
cryptospot CRYPTTECH cryptoSPOT
cyberark CyberArk Enterprise Password Vault
cyberguard CyberGuard SG565
cyberoam Sophos Cyberoam-Firewall
cyberx-xsense CyberX XSense
cylance Cylance CylancePROTECT
cyphort Cyphort Cyphort APT Defense Platform
darktrace Darktrace DCIP
datto-siris Datto Siris Platform
ddi-frontline Digital Defense Incorporated Frontline Vulnerability Manager
deepsec-agent Trend Micro Deep Security Agent
deepsec-manager Trend Micro Deep Security Manager
defender-tokengo Quest Software Defender GO-6 Token
-chassis DELL M1000 Chassis
dell- Dell EqualLogic
dell-force DELL Switches
dell-idrac Dell iDRAC
dell-secureworks DELL SecureWorks
dell-switch Dell Switches
denyall-waf DenyAll DenyAll WAF
dhcp Microsoft DHCP Client Service
dhcp-nxlog Microsoft DHCP Client Service
dlink-des D-Link DES Series
dlink-firewall D-Link UTM Firewall
dlink-wireless D-Link Unified Wireless Controller
dovecot Dovecot Secure IMAP Server
dragon Enterasys Dragon IDS
draytek-vigor DrayTek Vigor

drupal-wiki Drupal Drupal CMS
dtex Dtex Systems (Pty) Ltd Dtex
duo-2fa Duo Two-Factor Authentication
eljefe Immunity El Jefe
emc-datadomain Dell EMC DataDomain
emc-isilon Dell EMC Isilon
emc-recoverpoint Dell EMC RecoverPoint
emc-vnxe Dell EMC VNXe
emet Microsoft Enhanced Mitigation Experience Toolkit
enterasys-rmatrix Enterasys Matrix N-Series
eset Eset Eset
exchange Microsoft Exchange Server
exchange-nxlog Microsoft Exchange Server
extrahop-reveal ExtraHop Reveal
extreme-nac-manager Extreme Networks NetSight NAC Manager
extreme-switch Extreme Networks Switch
extreme-wireless Extreme Networks Summit Series
f5 F5 BIG-IP
f5-firepass F5 FirePass SSL VPN
fail2ban Fail2ban Fail2ban
failsafe Damballa FailSafe
falconstor FalconStor Software IPStor
fatpipe-mpvpn FatPipe Networks MPVPN
fidelis IBM Fidelis Network Data Loss Protection
fireeye FireEye MPS
fireeye-cm FireEye CM
fireeye-hx FireEye HX Series
forcepoint-dlp Forcepoint DLP
forescout-nac ForeScout CounterACT
fortiauthenticator FortiAuthenticator
fortigate Fortinet FortiGate
fortiguard Fortinet FortiGuard
fortimail Fortinet FortiMail
fortiweb Fortinet Fortiweb
fortiWLC Fortinet fortiWLC
freeipa FreeIPA FreeIPA
freeradius FreeRADIUS freeradius
fw1-alt Check Point FireWall

fw1-cef Check Point FireWall
gajproactive gajshield gajproactive
geist-watchdog Geist Watchdog
gfi GFI Vipre Antivirus
glastopng Honeynet Project GlastopfNG Honeypot
gta-firewall Global Technology Associates Firewall
h3c-ap H3C AP
h3c-switch H3C Ethernet Switch
ha-proxy HAProxy HAProxy
harpp-ddos HARPP HARPP DDoS Mitigator
heartbeat -HA Heartbeat
hitachi-hnas Hitachi NAS Platform
honeybot Atomic Software Solutions HoneyBOT
honeyd Honeyd Honeyd Virtual Honeypot
hp-chassis HP BladeSystem Chassis
hp-eva HP EVA Storage
hp-msm-controller HP MSM Integrated Controller
hp-san-switch HP SAN Switch
hp-switch HP Switch
hp-wireless HP E-Series Mobility
hpe-3par HPE 3PAR
hpe-ilo HPE Integrated Lights Out
Huawei NG-Firewall
huawei-ips Huawei IPS
huawei-router Huawei Enterprise Router
hytrust-keycontrol HyTrust Key Control
ibm-imm IBM Integrated Management Module
ibm-infosphere-guardium IBM InfoSphere Guardium
ibm-tam IBM Tivoli Access Manager WebSEAL
ibm-websphere IBM Websphere
iboss IBoss iboss
iis Microsoft IIS Internet Information Services
iis-nxlog Microsoft IIS Internet Information Services
imperva-securesphere Imperva SecureSphere
impravata-onesign Imprivata Onesign
incapsula Imperva Incapsula WAF
infoblox Infoblox DNS Server

intrushield McAfee IntruShield IPS
ipfw FreeBSD IPFW Firewall
iprism Edgewave iPrism
Suse IPTables
ironport Cisco IronPort
isa Microsoft ISA Internet Security and Acceleration Server
jboss Red Hat JBoss Middleware
juniper-ex Juniper Networks EX Series
juniper-idp Juniper Networks IDP Series
juniper-mx Juniper Networks MX Routers
juniper-nsm Juniper Networks NSM Network and Security Manager
juniper-srx Juniper Networks SRX Series
juniper-vpn Juniper Networks SA Secure Access Series
kaspersky Kaspersky Antivirus
kaspersky-sc Kaspersky Security Center
kaspersky-sc-db Kaspersky Security Center
kemp Kemp Technologies VLM-2000-W
kerio-connect Kerio Connect
kismet Kismet Kismet Wireless
Linq2FA Innovative Solutions LinQ2FA
linux-usergroupadd Linux Useradd/Groupadd
linuxdhcp Linux DHCP
linuxdhcp-idm Linux DHCP Server
logbinder-sp LOGbinder LOGbinder for SharePoint
lucent-brick Lucent VPN Firewall Brick
M0n0wall M0n0wall Embedded Firewall
malwarebytes Malwarebytes Malwarebytes
malwarebytes-br Malwarebytes Breach Remediation
malwarebytes-es Malwarebytes Endpoint Security
McAfee Antivirus Engine
mcafee-antispam McAfee Anti-Spam
mcafee-db McAfee Database Security
mcafee-epo McAfee ePolicy Orchestrator
mcafee-mvision McAfee MVISION Cloud
mcafee-mwg McAfee McAfee-MWG
mcafee-nsp McAfee Network Security Platform
meru Fortinet Meru Networks WLAN Controller
microfocus-voltage Microfocus Voltage

microsoft-ata Microsoft Advanced Threat Analytics
mikrotik-router MikroTik Router
mobileiron-sentry MobileIron Sentry
modsecurity TrustWave SpiderLabs ModSecurity Web Application Firewall
moodle Moodle Moodle
motorola_rfs4000 Motorola RFS 4000
motorola-firewall Motorola RFS Series
ms-sccm Microsoft System Center Configuration Manager
mssql-audit Microsoft MSSQL
mssql-nxlog Microsoft SQL Server
multifactor-auth Microsoft Multi-Factor Authentication
mwcollect Mwcollect Mwcollect Honeypot
mysql-server Oracle MySQL Server
naxsi NBS System Naxsi
nepenthes Honeynet Project Nepenthes Honeypot
nessus Tenable Nessus
nessus-detector Tenable Nessus
netasq-u Netasq U-Series
netgear Netgear FVS318 ProSafe VPN Firewall
netgear-switch Netgear Switch
netkeeper-fw Broadweb IPS-Netkeeper
netkeeper-nids Broadweb Netkeeper NIDS
netmotion-mobility NetMotion Mobility VPN
netscreen-firewall Juniper Networks NetScreen Series Firewall
netscreen-igs Juniper Networks ISG Series
netscreen-manager Juniper Networks NetScreen Security Manager
netscreen-nsm Juniper Networks NetWork and Security Manager
netvanta Adtran NetVanta
netwrix-activity-nxlog Netwrix Netwrix Auditor
nfs Linux NFS Network File System
nginx NGinX NGinX
nimble-storage Nimble Nimble-OS
nortel-baystack Nortel Networks Baystack Ethernet Switch
nortel-switch Nortel Networks Passport 1612 Switch
nps-nxlog Microsoft Network Policy Server
ntpdate FreeBSD NTPdate
ntsyslog NTSyslog NTSyslog
nxlog

o365-asm Microsoft Office 365 Advanced Security Management
observeit-nxlog ObserveIT ObserveIT
Cisco OpenDNS Enterprise Insights
openldap OpenLDAP OpenLDAP
opennms-monitor OpenNMS OpenNMS
OpenSwan IPsec
-server OpenVPN OpenVPN Access Server
optenet Optenet MailSecure
oracle-access-manager Oracle Oracle Access Manager
oracle-auditvault-fw Oracle Audit Vault and Database Firewall
oracle-jde Oracle JD Edwards EnterpriseONE
oracle-nxlog Oracle Database Server
oracle-syslog Oracle Database Server
oracle-weblogic Oracle WebLogic Server
os-x Apple OS-X
osiris Osiris Osiris HIDS
osquery OSquery OSquery
owncloud OwnCloud OwnCloud
pa-filesight Power Admin PA File Sight
packetfence Inverse Inc PacketFence
packetwave Ciena Packetwave
palerra Oracle Palerra Cloud Security
paloalto Palo Alto Networks PA-5000 Series
paloalto-traps Palo Alto Networks Traps
pam_unix UNIX PAM Pluggable Authentication Module
panda-as Panda Security AdminSecure
panda-se Panda Security Security for Enterprise
password-manager-pro ManageEngine Password Manager Pro
passwordstate ClickStudios Passwordstate
peplink-balance Peplink Balance Multi-WAN Router
OpenBSD PF Packet Filter
plixer-scrutinizer Plixer Scrutinizer
portnox Portnox CORE
Postfix Postfix
postgresql PostgreSQL GDG postgresql
powerdns Open-Xchange PowerDNS
powertech-interact HelpSystems Powertech Interact
prads Prads Prads

pravail-aps Arbor Networks Pravail APS
preempt-fw Preempt Security Behavioral Firewall
proftpd ProFTPD ProFTPD
proofpoint-ps Proofpoint Protection Server
proofpoint-tap Proofpoint Targeted Attack Protection
proxim-orinoco Proxim Orinoco AP700
pulsesecure-vpn Pulse Secure Remote Access VPN
pulsesecure-vtm Pulse Secure Virtual Traffic Manager
pureftpd Pure-FTPd Pure-FTPd
purestorage-purity Pure Storage Purity Operating Environment
qnap-qts QNAP QTS
quickheal-blockedapp Quick Heal SQEPS6.3
quickheal-fileact Quick Heal SQEPS6.3
quickheal-firewall Quick Heal SQEPS6.3
quickheal-vulscan Quick Heal SQEPS6.3
radiator OSC Radiator RADIUS Server
radware-apsolute Radware APSolute Vision
radware-ips Radware DefensePro
rapid7 Rapid7 Nexpose
raslogd IBM RASlog
realsecure IBM RealSecure Server Sensor
redhat-audit Red Hat Audit
redtrust Evolium Redtrust
riverbed-stealhead Riverbed Technology SteelHead
roksit Roksit Roksit DNS Firewall
rrd RRDtool RRDtool
rsa-authentication-manager RSA Authentication Manager
rsa-secureid RSA SecurID
rsa-securid-idr RSA Security SecurID IDR
rubrik Rubrik Backup
ruckus Ruckus ZoneDirector
safenet-sas SafeNet Authentication Service
samhain Samhain Labs Samhain
sangfor Sangfor NGFW
sangfor-iam Sangfor IAM
sap SAP NetWeaver
scom-nxlog Microsoft SCOM

secret-server Thycotic Software Secret Server
sectona-spectra Sectona Spectra PAM
secureauth SecureAuth SecureAuth
securelink SecureLink Enterprise
seeburger-bis Seeburger BIS
selinux SELinux SELinux
sendmail SendMail SendMail
sentinelone SentinelOne SentinelOne
serviceguard HP Serviceguard
Shorewall Shorewall
shrubbery-tacacs Shrubbery Networks TACACS+
sidewinder McAfee Firewall Enterprise
silentdefense SecurityMatters SilentDefense
silvershield Extenua SilverSHielD
siteminder SiteMinder Policy-Server
siteprotector IBM Internet Security Systems Site Protector
siteprotector-iss IBM Internet Security Systems Site Protector
siteprotector-snmp IBM Proventia IPS
sitescope HP SiteScope
smbd Samba Samba SMB
snare Intersect Alliance Snare
snare-idm Intersect Alliance Snare
snare-mssql Intersect Alliance Snare
snare-msssis Intersect Alliance Snare
snort_syslog Snort Snort
softerra-adaxes Softerra Adaxes
softether SoftEther VPN Project SoftEther VPN
solida Solida Systems International Solida SL-6000
sonicwall DELL SonicWALL Scrutinizer
sonicwall-vpn Dell SonicWall VPN
sophos Sophos Antivirus
sophos-central Sophos Central
sophos-ec Sophos EC
sophos-es Sophos ES
sophos-mssql Sophos Antivirus
sophos-utm Sophos Sophos-UTM
sophos-ws Sophos Secure Web Gateway

sophos-xg Sophos XG
spamassassin Apache Software Foundation SpamAssassin
spamtitan TitanHQ SpamTitan
Squid Squid Cache Proxy
squidGuard SquidGuard SquidGuard
ssh OpenBSD OpenSSH
ssh-remote OpenBSD OpenSSH
stealthbits-activitymonitor STEALTHbits Activity Monitor
stealthintercept STEALTHbits StealthINTERCEPT
stealthwatch Cisco Lancope StealthWatch
stonegate Stonesoft StoneGate
stonegate_ips Stonesoft IPS
storewize-V7000 IBM Storwize V7000
stormshield Stormshield Network Security
stunnel stunnel
sudo Sudo Sudo
suhosin Suhosin Suhosin PHP Security Extension
suricata-eve OISF Suricata
symantec-ams Symantec AMS
symantec-atp Symantec ATP
symantec-dlp Symantec Data Loss Prevention
symantec-encryption Symantec Protection
symantec-epm Symantec Endpoint Protection
symantec-mg Symantec Messaging Gateway
synology Synology DiskStation
syslog Syslog Syslog
sysmon-nxlog Microsoft Sysmon
tacacs-plus Shrubbery Networks TACACS+
tanium Tanium EndPoint Platform
tarantella Automation Access Tarantella
tesserent-ng Tesserent Managed Next Gen Firewall
tippingpoint Trend Micro TippingPoint IPS
token-rsa RSA SecurID Software Token Converter
trendmicro Trend Micro InterScan Messaging Security
trendmicro-cm Trend Micro Control Manager
trendmicro-dda Trend Micro Deep Discovery Analyzer
trendmicro-ddi Trend Micro Deep Discovery Inspector

trendmicro-iwsva Trend Micro InterScan Web Security Virtual Appliance
trendmicro-vp Trend Micro Vulnerability Protection
tripwire tripwire Enterprise
triton ForcePoint Triton AP-Web
trustwave Trustwave Secure Web Gateway
tufin Tufin Tufin Orchestration Suite
ubiquiti-toughswitch Ubiquiti TOUGHSwitch PoE
ubiquiti-unifi Ubiquiti Unifi
untangle-ngfw Untangle NG Firewall
vandyke-vshell VanDyke VShell
varmour vArmour Firewall
varonis-datadvantage Varonis DatAdvantage
vectra Vectra X-Series
vitalsigns-siem-agent SDS VitalSigns SIEM Agent
vmware-airwatch VMware AirWatch
vmware-esxi VMware ESXi
vmware-nsx VMware NSX
vmware-sso VMware Single Sign On Server
vmware-vcenter VMware vCenter
vmware-vcenter-sql VMware vCenter
vmware-view-admin VMware View Administrator
vmware-vshield VMware vShield
vmware-workstation VMware WorkStation
vormetric-dsm Vormetric Data Security Manager
vplus IBM VisionPLUS
Vsftpd Vsftpd
Brocade Vyatta vRouter
watchguard WatchGuard XTM Series
watchguard-xcs-mg WatchGuard XCS
web-titan-gateway TitanHQ Web Titan Gateway
Webmin Webmin
webroot-flowscape Webroot FlowScape
websense Websense Web Security Gateway
websense-content Websense Content Gateway
websense-esg Websense Email Security Gateway
websense7 Websense Web Security Gateway
windns Microsoft DNS Server
windns-nxlog Microsoft DNS Server

windows-fw-nxlog Microsoft
winftp-nxlog Microsoft Windows IIS FTP Server
wing-ftp-server Wing FTP Software Wing FTP Server
wuftp WU-Ftp WU_Ftp
xirrus-wap Riverbed Technology Xirrus Wireless Access Point
yara Yara Yara
zerofox ZeroFox Social Media Security SAAS Platform
zimperium-zconsole Zimperium zConsole
zscaler zScaler Nanolog
zyxel-firewall ZyXEL ZyWALL