Call Detail Records
Call detail records (CDRs), charging data records, event data records logged by telecoms and network switches
Clickstream Data
Web servers, routers, proxy servers, ad servers
Business Process Logs
Business process management logs
Application Logs
Local log files, log4j, log4net, WebLogic, WebSphere, JBoss, .NET, PHP
Configuration Files
System configuration files
Database Audit Logs
Database log files, audit tables
Filesystem Audit Logs
Sensitive data stored in shared filesystems
Packet/Flow Data
tcpdump and tcpflow, which generate pcap or flow data and other useful packet-level and session-level information
Management and Logging APIs
Check Point firewalls log via the OPSEC Log Export API (OPSEC LEA); other vendor-specific APIs come from VMware and Citrix
Message Queues
JMS, RabbitMQ, and AquaLogic
Operating System Metrics, Status and Diagnostic Commands
CPU and memory utilization and status information using command-line utilities like ps and iostat on Unix and Linux and Performance Monitor on Windows
SCADA Data
Supervisory Control and Data Acquisition (SCADA)
Sensor Data
Sensor devices generating data based on monitoring environmental conditions, such as temperature, sound, pressure, power, water levels
Syslog
Syslogs from your routers, switches and network devices
Web Access Logs
Web access logs report every request processed by a web server
Web Proxy Logs
Web proxies log every web request made by users through the proxy
Windows Events
Windows application, security and system event logs
Wire Data
DNS lookups and records, protocol level information including headers, content and flow records