TL;DR
Supported data types | 3rd party detection | Hunters detection | IOC search | Search | Table name | Log format | Collection method |
|---|---|---|---|---|---|---|---|
Manage Engine PAM360 Logs | ✅ | ✅ | ✅ | manage-engine-pam360-logs | TEXT | S3 |
Overview
ManageEngine is the enterprise IT management division of Zoho Corporation, established in 2002 to provide affordable, feature-rich, and scalable IT solutions. As a company focused on "bringing IT together," it offers a broad suite of over .png?sv=2022-11-02&spr=https&st=2026-03-25T20%3A35%3A25Z&se=2026-03-25T20%3A46%3A25Z&sr=c&sp=r&sig=1H9XPhNjlTcS5tsaW4bTVZuovZLprorWiTPQ6GDBmb4%3D)
90 products and free tools including ITSM, ITOM, security (SIEM), and unified endpoint management designed to help organisations of all sizes manage their IT infrastructure, networks, and applications. Trusted by over 280,000 companies worldwide, including nine out of every ten Fortune 100 organisations, ManageEngine is recognised for its commitment to R&D, providing both on-premises and cloud solutions that ensure high security and operational efficiency
Supported data types
Manage Engine PAM360 Logs
Overview:
ManageEngine PAM360 logs are a comprehensive mechanism that captures critical information regarding product-specific events, such as application health, user actions, and system errors, which are vital for troubleshooting. These logs are stored locally in text format, typically within the <PAM360_Installation_Directory>\logs folder, where key files include serverout0.txt for application activity and pam0.txt for CLI/SSH connections. To aid in debugging complex issues, users can adjust log levels to "DEBUG," which records detailed information on operations like password resets, although this may log sensitive data. Furthermore, PAM360 provides specialized logs, such as security-log.txt for monitoring XSS/CSRF threats, and facilitates auditing through the "Audit" tab, which maintains tamper-proof records of user actions. These audit logs can be exported as reports, purged periodically, or forwarded to external SIEM tools like Splunk or EventLog Analyzer via syslog for deeper security analysis.
Table name: manage-engine-pam360-logs
Send data to Hunters
Hunters supports the ingestion of Manage Engine PAM360 Logs via an intermediary AWS S3 bucket.
To connect Manage Engine PAM360 Logs:
Export your logs from Manage Engine PAM360 Logs to an AWS S3 bucket.
Once the export is completed and the logs are collected to S3, follow the steps in this section.
Expected format
Logs are expected in TEXT format:
<38>Mar 15 01:00:18 PAM360HOSTA ResourceAudit:System:localhost Resource_Modified 2026/03/15 01:00:17 Success PAM360NODEA RESOURCE_A:USER_A:N/A:Domain_account_'USER_B'_has_been_removed_from_the_Active_Directory_group,_but_not_from_the_resource_in_PAM360.|
<38>Mar 12 15:04:57 PAM360HOSTA UserAudit:N/A:1.2.3.4 User_Authentication_Failed 2026/03/12 15:04:56 Failure PAM360NODEA Non-MSP-Not_Applicable:No_user_with_name_DOMAIN\USER_C_is_configured.|