Custom Collectors

Cortex XDR Pro Administrator Guide

Product: Cortex XDR
License: Pro
Creation date: 2024-05-06
Last date published: 2024-07-15
Category: Administrator Guide

Abstract: Learn more about adding custom collectors to collect logs from Elasticsearch Filebeat and HTTP.

In addition to logs from supported vendors, you can set up the following custom collectors:

  • Filebeat collector: To ingest logs about file activity on your endpoints and servers without using the Cortex XDR agent, you can install Elasticsearch Filebeat as a system logger and then forward those logs to Cortex XDR.

  • HTTP log collector: To receive logs in Raw, JSON, CEF, or LEEF format.