Connect this data source on your own, using the Hunters platform.
TL;DR
Supported data types | 3rd party detection | Hunters detection | IOC search | Search | Table name | Log format | Collection method |
---|---|---|---|---|---|---|---|
Solarwinds Orion Syslog logs | ✅ | ✅ | solarwinds_orion_logs | CSV | S3 |
Overview
SolarWinds is a software company that provides IT management and monitoring solutions for networks, systems, and applications. Its platform helps organizations gain visibility into their IT infrastructure, detect performance issues, and manage security risks. SolarWinds offers tools for network performance monitoring, log management, security event detection, and configuration management. These solutions help IT teams troubleshoot problems, optimize system performance, and ensure the reliability and security of their environments.
Supported data types
Solarwinds Orion Syslog logs
Table name: solarwinds_orion_logs
These are primarily system logs from SolarWinds Orion. Orion, being a comprehensive IT infrastructure monitoring and management platform, generates logs related to the performance, availability, and health of your network, servers, and applications. These logs include metrics and events that provide insight into what is happening across your IT environment, such as traffic flow, device status, system errors, and more.
Send data to Hunters
Hunters supports the ingestion of SolarWinds Orion logs via an intermediary AWS S3 bucket.
To connect SolarWinds Orion logs:
1. Export your logs to a syslog stream, using this guide. For newer versions of SolarWinds, use the SolarWinds Platform Log Viewer.
2. Ship the logs to an AWS S3 bucket.
3. Once the export is completed and the logs are collected to S3, follow the steps in this section.
Expected format
Logs are expected in CSV format. A sample log line:
<9>Jul 3 07:46:54 app-123 %OrionAlertEngine: 5/3/2023 11:46:54 AM - - User MMI\name1 logged in from 9.1.2.3.
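As an added example (not part of the Hunters documentation), the following Python parses lines in the format of the sample above: it splits the syslog header (PRI, timestamp, host, Orion tag) and pulls the user and source IP out of Orion login messages, which is the kind of field extraction a detection over this table relies on. The single-column CSV layout and the second sample row are assumptions made for this example.

```python
import csv
import io
import re
from typing import Optional

# Constructed sample of the S3 CSV export. A single "raw" column holding the
# syslog line is an assumption for this example, not the documented layout.
# The first row is the sample line from the page; the second is made up.
SAMPLE_CSV = (
    "raw\n"
    '"<9>Jul 3 07:46:54 app-123 %OrionAlertEngine: 5/3/2023 11:46:54 AM'
    ' - - User MMI\\name1 logged in from 9.1.2.3."\n'
    '"<14>Jul 3 07:50:02 app-123 %OrionAlertEngine: 5/3/2023 11:50:02 AM'
    ' - - Node core-sw1 status changed to Down."\n'
)

# RFC 3164-style header: <PRI>, "Mmm dd hh:mm:ss", host, then the Orion tag.
SYSLOG_RE = re.compile(
    r"^<(?P<pri>\d{1,3})>"
    r"(?P<ts>[A-Z][a-z]{2} {1,2}\d{1,2} \d{2}:\d{2}:\d{2}) "
    r"(?P<host>\S+) %(?P<tag>[^:]+): (?P<msg>.*)$"
)
# Orion login message, as shown in the page's sample line.
LOGIN_RE = re.compile(r"User (?P<user>\S+) logged in from (?P<ip>\d{1,3}(?:\.\d{1,3}){3})\.?$")


def parse_syslog(line: str) -> Optional[dict]:
    """Split a syslog line into header fields; PRI = facility * 8 + severity."""
    m = SYSLOG_RE.match(line.strip())
    if not m:
        return None
    pri = int(m["pri"])
    return {"facility": pri >> 3, "severity": pri & 7, "timestamp": m["ts"],
            "host": m["host"], "tag": m["tag"], "message": m["msg"]}


def login_events(csv_text: str) -> list:
    """Return Orion console logins (user, source IP) found in the CSV export."""
    events = []
    for row in csv.DictReader(io.StringIO(csv_text)):
        rec = parse_syslog(row["raw"])
        if rec is None:
            continue  # not a syslog line; skip it rather than fail the batch
        login = LOGIN_RE.search(rec["message"])
        if login:
            events.append({**rec, "user": login["user"], "src_ip": login["ip"]})
    return events
```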