USM Appliance Plugins List The AT&T Alien Labs™ Security Research Team regularly updates the data source library to increase the extensibility of USM Appliance. These AlienApps enable your USM Appliance Sensor to process and analyze logs produced by your existing devices and applications. Note: This table shows the plugins that ship with USM Appliance as of April 13, 2021. List of Plugins Available in USM Appliance Plugin Name Plugin ID Vendor Enabled per Asset Linq2FA 1977 Innovative Solutions Yes a10-thunder-waf 1872 A10 Yes abas 1961 abas ERP Yes abs-scrooge-nxlog 2541 LimeSystems Yes accellion-kiteworks 1965 Accellion Yes actiontec 1764 Actiontec Yes adaudit-plus 1781 ManageEngine Yes aerohive-wap 1814 Aerohive Networks Yes aide 2528 AIDE Yes airlock 1641 Envault Yes airport-extreme 1805 Apple Yes aix-audit 1649 IBM Yes aladdin 1566 SafeNet Yes alcatel 1770 Alcatel Yes allot 1608 Allot Communications Yes alteonos 1684 Nortel Networks Yes amun-honeypot 1662 Amun Yes apache-ldap 1713 Apache Software Foundation Yes apache-syslog 1501 Apache Software Foundation Yes apache-tomcat 1816 Apache Software Foundation Yes USM Appliance Plugins List 1 List of Plugins Available in USM Appliance (Continued) Plugin Name Plugin ID Vendor Enabled per Asset apache 1501 Apache Software Foundation Yes aqtronix-webknight 1964 AQTRONiX Yes arista-switch 1820 Arista Yes arpalert-idm 50003 Arpalert Yes arpalert-syslog 1792 Arpalert Yes array-networks-sag 1906 Array Networks Yes artemisa 1668 Artemisa Yes artica 1775 Artica Yes artillery 1914 Binary Defense Yes aruba-6 1690 Aruba Networks Yes aruba-airwave 1784 Aruba Networks Yes aruba-clearpass 1789 Aruba Networks Yes aruba 1623 Aruba Networks Yes as400 1742 IBM Yes ascenlink 1660 Xtera Yes assp 1825 Anti-Spam SMTP Proxy Yes asterisk-voip 1736 Asterisk Yes asus-router 1855 AsusTek Yes av-nf-alert 1853 AlienVault Yes av-useractivity-syslog 1749 AlienVault Yes av-useractivity 1749 AlienVault No avast 1567 Avast Yes avaya-gateway 1881 Avaya Yes avaya-wireless 1896 Avaya Yes avaya 1774 Avaya Yes axigen-mail 1664 GeCAD Yes 2 USM Appliance Plugins List List of Plugins Available in USM Appliance (Continued) Plugin Name Plugin ID Vendor Enabled per Asset azure-atp 1982 Microsoft Yes barracuda-link-balancer 1734 Barracuda Yes barracuda-ng 1753 Barracuda Yes barracuda-spam 1709 Barracuda Yes barracuda-sslvpn 1835 Barracuda Yes barracuda-waf 1723 Barracuda Yes barracuda-webfilter 1719 Barracuda Yes baruwa 2534 Baruwa Yes bind 1577 ISC Yes bit9 1630 Carbon Black Yes bit9_v7 1696 Carbon Black Yes bitdefender-gravityzone 1991 Bitdefender Yes bitdefender-ntsa 2540 Bitdefender Yes blackboard-learn 1924 Blackboard Yes bluecoat-packetshaper 1943 Blue Coat Yes bluecoat 1642 Blue Coat Yes bomgar 1799 Bomgar Yes bro-ids 1568 Bro Yes brocade 1754 Brocade Yes bromium-vsentry 2512 Bromium Yes buffalo 1969 Buffalo Americas Yes canary-tools 1958 Canary Yes carbonblack-idm 50003 Carbon Black Yes carbonblack 1746 Carbon Black Yes cb-defense 1846 Carbon Black Yes cerberus-ftp 1797 Cerberus Yes USM Appliance Plugins List 3 List of Plugins Available in USM Appliance (Continued) Plugin Name Plugin ID Vendor Enabled per Asset checkpoint-mepp 1854 Check Point Yes cisco-3030 1657 Cisco Yes cisco-ace 1653 Cisco Yes cisco-acs-idm 50003 Cisco Yes cisco-acs 1594 Cisco Yes cisco-asa 1636 Cisco Yes cisco-asr 1670 Cisco Yes cisco-call 1768 Cisco Yes cisco-cube 1966 Cisco Yes cisco-cucm 1926 Cisco Yes cisco-esa 1752 Cisco Yes cisco-expressway 1998 Cisco Yes cisco-firepower 1782 Cisco Yes cisco-fw 1514 Cisco Yes cisco-ids 1515 Cisco Yes cisco-ips-syslog 1656 Cisco Yes cisco-ips 1597 Cisco Yes cisco-isa 1702 Cisco Yes cisco-ise 1725 Cisco Yes cisco-meraki 1695 Cisco Yes cisco-nexus-nx-os 1652 Cisco Yes cisco-ngips 1721 Cisco Yes cisco-pix 1514 Cisco Yes cisco-prime 1992 Cisco Yes cisco-router 1510 Cisco Yes cisco-rv 1868 Cisco Yes 4 USM Appliance Plugins List List of Plugins Available in USM Appliance (Continued) Plugin Name Plugin ID Vendor Enabled per Asset cisco-ucs 1793 Cisco Yes cisco-viptela 2500 Cisco Yes cisco-vpn 1527 Cisco Yes cisco-wlc 1663 Cisco Yes cisco-wsa 2535 Cisco Yes citrix-netscaler 1678 Citrix Systems Yes clamav 1555 ClamAV Yes clamwin-nxlog 1861 ClamWin Yes claroty-platform 1935 Claroty Yes clearswift 1930 Clearswift Yes cloudpassage 1729 CloudPassage Yes clurgmgr 1528 Red Hat Yes comodo-antivirus 1869 Comodo Yes contentkeeper-sig 1937 ContentKeeper Yes corero-ips 1804 Corero Yes correlog 1940 CorreLog Yes coslat-hotspot 2511 Coslat Security Systems Yes courier 1617 Courier-MTA Yes crowdstrike 1889 CrowdStrike Yes crushftp 1903 CrushFTP Yes cryptospot 1947 CRYPTTECH Yes cyberark 1791 CyberArk Yes cyberguard 1575 CyberGuard Yes cyberoam 1732 Sophos Yes cyberx-xsense 1990 CyberX Yes cylance 1744 Cylance Yes USM Appliance Plugins List 5 List of Plugins Available in USM Appliance (Continued) Plugin Name Plugin ID Vendor Enabled per Asset cyphort 1765 Cyphort Yes darktrace 1806 Darktrace Yes datto-siris 1890 Datto Yes ddi-frontline 1933 Digital Defense Incorporated Yes deepsec-agent 1862 Trend Micro Yes deepsec-manager 1720 Trend Micro Yes defender-tokengo 1865 Quest Software Yes dell-chassis 1786 Dell Yes dell-equallogic 1845 Dell Yes dell-force 1787 Dell Yes dell-idrac 1983 Dell Yes dell-secureworks 1801 Dell Yes dell-switch 1972 Dell Yes dell-xseries 2536 Dell Yes denyall-waf 1922 DenyAll Yes dhcp-nxlog 1584 Microsoft Yes dhcp 1584 Microsoft Yes digital-guardian 2518 Digital Guardian Yes dlink-des 1987 D-Link Yes dlink-firewall 1898 D-Link Yes dlink-wireless 1867 D-Link Yes dovecot 1648 Dovecot Yes dragon 1569 Enterasys Yes draytek-vigor 1842 DrayTek Yes drupal-wiki 1675 Drupal No dtex 1912 Dtex Systems (Pty) Ltd Yes 6 USM Appliance Plugins List List of Plugins Available in USM Appliance (Continued) Plugin Name Plugin ID Vendor Enabled per Asset duo-2fa 1981 Duo Yes eljefe 1634 Immunity No emc-datadomain 1963 Dell Yes emc-isilon 1819 Dell Yes emc-recoverpoint 1921 Dell Yes emc-vnxe 1818 Dell Yes emet 1794 Microsoft Yes enterasys-rmatrix 1622 Enterasys Yes eset 1706 Eset Yes exchange-nxlog 1603 Microsoft Yes exchange 1603 Microsoft Yes extrahop-reveal 2501 ExtraHop Yes extreme-nac-manager 1946 Extreme Networks Yes extreme-switch 1672 Extreme Networks Yes extreme-wireless 1673 Extreme Networks Yes f-secure 2529 F-secure Yes f5-firepass 1674 F5 Yes f5 1614 F5 Yes fail2ban 1971 Fail2ban Yes failsafe 1837 Damballa Yes falconstor 1831 FalconStor Software Yes fatpipe-mpvpn 1929 FatPipe Networks Yes fidelis 1592 IBM Yes fireeye-cm 1813 FireEye Yes fireeye-hx 1826 FireEye Yes fireeye 1707 FireEye Yes USM Appliance Plugins List 7 List of Plugins Available in USM Appliance (Continued) Plugin Name Plugin ID Vendor Enabled per Asset forcepoint-dlp 2515 Forcepoint Yes forcepoint-ngfw 2521 Forcepoint Yes forescout-nac 1874 ForeScout Yes fortiWLC 1822 Fortinet Yes fortiadc 2531 Fortinet Yes fortiauthenticator 1811 Fortinet Yes fortigate 1554 Fortinet Yes fortiguard 1621 Fortinet Yes fortimail 1692 Fortinet Yes fortinet-fortidb 2537 Fortinet Yes fortiproxy 2549 Fortinet Yes fortisandbox 2542 Fortinet Yes fortiweb 1698 Fortinet Yes freeipa 1886 FreeIPA Yes freeradius 1762 FreeRADIUS Yes fw1-alt 1590 Check Point Yes fw1-cef 1995 Check Point Yes gajproactive 2508 gajshield Yes gajshield-firewall 2525 Gajshield Yes geist-watchdog 2000 Geist Yes gfi 1530 GFI Yes glastopng 1667 Honeynet Project Yes gta-firewall 1882 Global Technology Associates Yes h3c-ap 1724 H3C Yes h3c-switch 1712 H3C Yes ha-proxy 1884 HAProxy Yes 8 USM Appliance Plugins List List of Plugins Available in USM Appliance (Continued) Plugin Name Plugin ID Vendor Enabled per Asset harpp-ddos 1852 HARPP Yes heartbeat 1523 Linux-HA Yes hitachi-hnas 1836 Hitachi Yes honeybot 1915 Atomic Software Solutions Yes honeyd 1570 Honeyd Yes hp-chassis 1870 HP Yes hp-eva 1579 HP Yes hp-msm-controller 1908 HP Yes hp-san-switch 1778 HP Yes hp-switch 1705 HP Yes hp-wireless 1708 HP Yes hpe-3par 1949 HPE Yes hpe-ilo 1932 HPE Yes hpe-nbx 2538 HPE Yes huawei-ips 1873 Huawei Yes huawei-router 1830 Huawei Yes huawei 1728 Huawei Yes hytrust-keycontrol 1941 HyTrust Yes ibm-imm 1860 IBM Yes ibm-infosphere-guardium 1939 IBM Yes ibm-tam 1838 IBM Yes ibm-websphere 1772 IBM Yes iboss 1927 IBoss Yes iis-nxlog 1502 Microsoft Yes iis 1502 Microsoft Yes illusive-honeypot 2526 Illusive Networks Yes USM Appliance Plugins List 9 List of Plugins Available in USM Appliance (Continued) Plugin Name Plugin ID Vendor Enabled per Asset imperva-securesphere 1679 Imperva Yes impravata-onesign 1758 Imprivata Yes incapsula 1777 Imperva Yes infoblox 1659 Infoblox Yes intrushield 1551 McAfee Yes ipfw 1529 FreeBSD Yes iprism 1779 Edgewave Yes iptables 1503 Suse Yes ironport 1591 Cisco Yes isa 1565 Microsoft Yes jboss 1848 Red Hat Yes juniper-ex 1759 Juniper Networks Yes juniper-idp 1693 Juniper Networks Yes juniper-mx 1700 Juniper Networks Yes juniper-nsm 1694 Juniper Networks Yes juniper-qfx 2539 Juniper Networks Yes juniper-srx 1626 Juniper Networks Yes juniper-vpn 1609 Juniper Networks Yes kaspersky-sc-db 1737 Kaspersky Yes kaspersky-sc 1737 Kaspersky Yes kaspersky 1733 Kaspersky Yes kemp 1755 Kemp Technologies Yes kerio-connect 1913 Kerio Technologies Yes kismet 1596 Kismet Yes linux-usergroupadd 1931 Linux Yes linuxdhcp-idm 50003 Linux No 10 USM Appliance Plugins List List of Plugins Available in USM Appliance (Continued) Plugin Name Plugin ID Vendor Enabled per Asset linuxdhcp 1607 Linux Yes locum-realtime-monitor 2519 Locum Yes logbinder-sp 1714 LOGbinder Yes lucent-brick 1588 Lucent Yes m0n0wall 1559 M0n0wall