Go Up
You are here: Integration APIAdd-OnsAvailable Add-Ons

Available Add-Ons

At the time of Netwrix Auditor 9.5 release, the following add-ons were verified and posted in Add-ons Store.

NOTE: In Netwrix Auditor 9.0, Netwrix has updated API schemas and older add-ons may become inoperable in 9.5. If you use add-ons that were released at the time of 8.0 or 8.5, make sure to download the latest add-on version in the Add-on Store. See Compatibility Notice for more information.

Name Technology Data in/out Description

Add-on for Amazon Web Services

PowerShell

In

Exports user activity data from your Amazon Web Services using CloudTrail and feeds events to the Audit Database. Use this script if you want to get more out of native Amazon auditing.

CEF Export Add-on

PowerShell

Out

Exports Activity Records from the Audit Database to a CEF file. Use this script to integrate data collected by Netwrix Auditor with SIEM solutions that use CEF files as input data.

Event Log Export Add-on

PowerShell

Out

Exports Activity Records from the Audit Database to a custom Windows event log—Netwrix_Auditor_Integration. Use this script to integrate data collected by Netwrix Auditor with SIEM solutions that use events as input data.

Add-on for ArcSight

PowerShell

Out

Exports Activity Records from the Audit Database to ArcSight in its native CEF format. Use this script to integrate Netwrix Auditor with ArcSight and extend auditing possibilities.

Add-on for RADIUS server

PowerShell

In

Exports RADIUS logon events from the Security event log and feeds them to the Audit Database. Use this script to track logon activity on servers with RADIUS protocol enabled.

The add-on works in collaboration with Netwrix Auditor for Active Directory, collecting additional data that augments the data collected by Netwrix Auditor. Aggregating data into a single audit trail simplifies logon activity analysis and helps you keep tabs on your IT infrastructure.

Add-on for Splunk

PowerShell

Out

Exports Activity Records from the Audit Database to a custom Windows event log. Use this script to integrate Netwrix Auditor with Splunk and extend auditing possibilities.

Add-on for IBM QRadar

PowerShell

Out

Exports Activity Records from the Audit Database to a custom Windows event log. Use this script to integrate Netwrix Auditor with IBM QRadar and extend auditing possibilities.

Add-on for AlienVault USM

PowerShell

Out

Exports Activity Records from the Audit Database to a custom Windows event log. Use this script to integrate Netwrix Auditor with AlienVault USM and extend auditing possibilities.

Add-on for Solarwinds Log & Event Manager

PowerShell

Out

Exports Activity Records from the Audit Database to a custom Windows event log. Use this script to integrate Netwrix Auditor with Solarwinds Log & Event Manager and extend auditing possibilities.

Add-on for Intel Security

PowerShell

Out

Exports Activity Records from the Audit Database to a custom Windows event log. Use this script to integrate Netwrix Auditor with Intel Security and extend auditing possibilities.

Add-on for LogRhythm

PowerShell

Out

Exports Activity Records from the Audit Database to a custom Windows event log. Use this script to integrate Netwrix Auditor with LogRhythm and extend auditing possibilities.

Add-on for Cisco Network Devices

C#

In

Implemented as a service, the add-on listens to UDP port and feeds events from Cisco network devices to the Audit Database. The add-on comes with processing rules for Cisco ASA and IOS devices. Use this add-on if you want to include Cisco activity in your audit trail.

Add-on for Generic Linux Syslog

C#

In

Implemented as a service, the add-on listens to UDP port and feeds events from Syslog-based devices to the Audit Database. The add-on comes with processing rules for rsyslog messages. Use this add-on if you want to include Red Hat Enterprise Linux 7 and 6, SUSE Linux Enterprise Server 12, openSUSE 42, and Ubuntu 16, etc., activity in your audit trail.

Add-on for Privileged User Monitoring on Linux and Unix

C#

In

Implemented as a service, the add-on listens to UDP port and feeds events from Syslog-based devices to the Audit Database. The add-on comes with processing rules for rsyslog messages. Use this add-on if you want to detect SUDO commands and remote access (SSH) on Red Hat Enterprise Linux 7 and 6, SUSE Linux Enterprise Server 12, openSUSE 42, and Ubuntu 16, etc.

Add-on for ServiceNow Incident Management

C#

Out Implemented as a service, the add-on facilitates data transition from Netwrix Auditor and automates ticket creation in ServiceNow Istanbul and Helsinki.

Netwrix Auditor Integration API uses HTTPS with an automatically generated certificate for running requests to its endpoints. By default, add-ons are configured to accept all certificates that is appropriate for evaluation purposes and allows running the script without adjusting.

Refer to Security for detailed instructions on how to assign a new certificate and enable trust on remote computers.

Go Up