Matano managed log sources are common log sources for which Matano provides preconfigured normalizations, transformations, and schemas. This lets you easily ingest logs from a supported log source without having to write a transformation or specify a schema.
Using managed log sources
To use a Matano managed log source, specify the managed.type property in your log_source.yml with the corresponding identifier for the managed log source. There is then no need to specify fields like schema, as these will be applied automatically by the managed log source.
For example, to use the CloudTrail managed log source, your log_source.yml may look as follows:
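A log_source.yml of this shape, as an added example that is not the original page's snippet. The name value is illustrative, and the AWS_CLOUDTRAIL identifier is an assumption to confirm against the CloudTrail log source documentation:

```yaml
# log_source.yml (added example, not the original page's snippet)
# Assumption: the name value below is illustrative.
name: aws_cloudtrail

managed:
  # Assumption: identifier of the CloudTrail managed log source.
  type: AWS_CLOUDTRAIL
  # No schema key is declared in this file: the managed log source
  # applies its own schema and normalization automatically.
```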
Managed log sources may also specify additional properties for custom configuration. You may provide these in the managed.properties key in your log_source.yml. Consult the log source specific documentation for the values to provide, if any.
Supported managed log sources
The following are currently supported Matano managed log sources. Click through to view specific documentation for each log source.
The Cloudflare Matano managed log source lets you ingest your Cloudflare logs directly into Matano.
The Duo Matano managed log source lets you ingest your Duo logs directly into Matano.
The GitHub audit logs managed log source lets you ingest your GitHub audit logs directly into Matano.
The 1Password Matano managed log source lets you ingest your 1Password logs for item usages & sign-in attempts directly into Matano.
📄️ Google Workspace
The Google Workspace managed log source allows you to collect logs from various Google Workspace audit, activity, and report endpoints into Matano. The managed log source collects and normalizes data and audit activity from all the Google Workspace Audit Reports API endpoints as well as alerts from the Google Alert Center API.
📄️ Microsoft Graph
The Microsoft Graph managed log source allows you to collect various audit, reporting, and other logs from Microsoft 365 directly into Matano.
📄️ Office 365
The Office 365 Matano managed log source lets you ingest your Microsoft Office 365 logs directly into Matano.
The Okta Matano managed log source lets you ingest your Okta System logs directly into Matano.
📄️ Palo Alto Networks
The Palo Alto Networks Matano managed log source lets you ingest your Palo Alto Networks Firewall logs. It supports parsing logs in the Palo Alto Networks PAN-OS Syslog Format.
The Snyk Matano managed log source lets you ingest your Snyk Audit logs and vulnerability issues.
The Suricata Matano managed log source lets you ingest your Suricata IDS/IPS/NSM logs. It parses logs that are in the Suricata Eve JSON format.
The Zeek Matano managed log source lets you ingest your Zeek logs directly into Matano.