Supported Logs

Panther currently supports 65 security log types across 25 different categories:
​AWS​
​ALB​
​AuroraMySQLAudit​
​CloudTrail​
​CloudTrailDigest​
​CloudTrailInsight​
​CloudWatchEvents​
​GuardDuty​
​S3ServerAccess​
​VPCDns​
​VPCFlow​
​Apache​
​AccessCombined​
​AccessCommon​
​Box​
​Event​
​CiscoUmbrella​
​CloudFirewall​
​DNS​
​IP​
​Proxy​
​Cloudflare​
​Firewall​
​HttpRequest​
​Spectrum​
​Crowdstrike​
​DNSRequest​
​NetworkConnect​
​NetworkListen​
​ProcessRollup2​
​SyntheticProcessRollup2​
​Unknown​
​Duo​
​Administrator​
​Authentication​
​OfflineEnrollment​
​Telephony​
​Fastly​
​Access​
​Fluentd​
​Syslog3164​
​Syslog5424​
​GCP​
​AuditLog​
​GSuite​
​Reports​
​GitLab​
​API​
​Audit​
​Exceptions​
​Git​
​Integrations​
​Production​
​Gravitational​
​TeleportAudit​
​Juniper​
​Access​
​Audit​
​Firewall​
​MWS​
​Postgres​
​Security​
​Lacework​
​Events​
​Nginx​
​Access​
​OSSEC​
​EventInfo​
​Okta​
​SystemLog​
​OneLogin​
​Events​
​Osquery​
​Batch​
​Differential​
​Snapshot​
​Status​
​Slack​
​AccessLogs​
​AuditLogs​
​Sophos​
​Central​
​Suricata​
​Anomaly​
​DNS​
​Syslog​
​RFC3164​
​RFC5424​
​Zeek​
​DNS​
If you don't see what you need listed here, you can write your own parser or upgrade to Panther Enterprise.
AWS Unauthorized API Call
Apache
Last updated 2 months ago