Call Detail Records

Call detail records (CDRs), charging data records, and event data records logged by telecoms and network switches

Clickstream Data

Web servers, routers, proxy servers, and ad servers

Business Process Logs

Business process management logs

Application Logs

Local log files, log4j, log4net, WebLogic, WebSphere, JBoss, .NET, PHP

Configuration Files

System configuration files

Database Audit Logs

Database log files, audit tables

Filesystem Audit Logs

Sensitive data stored in shared filesystems

Packet/Flow Data

tcpdump and tcpflow, which generate pcap or flow data and other useful packet-level and session-level information

Management and Logging APIs

Check Point firewalls log via the OPSEC Log Export API (OPSEC LEA); other vendor-specific APIs come from VMware and Citrix

Message Queues

JMS, RabbitMQ, and AquaLogic

Operating System Metrics, Status and Diagnostic Commands

CPU and memory utilization and status information, gathered with command-line utilities like ps and iostat on Unix and Linux and Performance Monitor on Windows


Supervisory Control and Data Acquisition (SCADA)

Sensor Data

Sensor devices generating data based on monitoring environmental conditions, such as temperature, sound, pressure, power, and water levels


Syslogs from your routers, switches and network devices

Web Access Logs

Web access logs report every request processed by a web server

Web Proxy Logs

Web proxies log every web request made by users through the proxy

Windows Events

Windows application, security and system event logs

Wire Data

DNS lookups and records, protocol level information including headers, content and flow records