
Content Packs

Content Packs are ready-to-use bundles created for Illuminate that include dashboards, streams, alerts, and parsing logic designed to accelerate your log analysis and threat detection.

This section contains an article for each available content pack, with step-by-step instructions on how to install the pack, configure it, and start gaining value from the pre-built components.

The following content packs are currently available:

  • Apache

    • Apache Tomcat Server Content Pack

    • Apache Web Server Content Pack

  • AWS

    • AWS Security Lake Content Pack

  • Bitdefender

    • Bitdefender GravityZone Content Pack

  • Carbon Black

    • Carbon Black CB Defense Content Pack

  • Checkpoint

    • Checkpoint Next Generation Firewall Content Pack

  • Cisco

    • Cisco ASA Content Pack

    • Cisco ASA Firepower Content Pack

    • Cisco Business 350 Series Pack

    • Cisco IOS Content Pack

    • Cisco ISE Content Pack

    • Cisco Meraki Content Pack

    • Cisco Umbrella Content Pack

  • Cloudflare

    • Cloudflare Content Pack

  • Compliance & Visibility

    • Compliance Unified Visibility Content Pack (Preview)

  • CrowdStrike

    • CrowdStrike Falcon Content Pack

  • DNS

    • BIND DNS Content Pack

    • Core DNS Content Pack

  • F5

    • F5 BIG-IP Content Pack

  • Fortinet

    • Fortigate Content Pack

  • GitLab

    • GitLab Content Pack

  • Google

    • Google Workspace Content Pack

  • Graylog

    • Graylog API Security Content Pack

  • HAProxy

    • HAProxy Content Pack

  • Juniper

    • Juniper SRX Series Firewall Content Pack

  • Linux

    • Linux Auditbeat Content Pack

    • Linux System Content Pack

    • Linux System User Activity Sigma Rules Content Pack

  • Microsoft

    • Microsoft Defender for Endpoint Content Pack

    • Microsoft DHCP Content Pack

    • Microsoft IIS Content Pack

    • Office 365 Content Pack

    • Windows AppLocker Content Pack

    • Windows Detection Chains Sigma Rules Content Pack

    • Windows DNS Server Content Pack

    • Windows PowerShell Content Pack

    • Windows Security Event Logs Content Pack

    • Windows Security Sigma Rules Content Pack

    • Windows Security User Activity Sigma Rules Content Pack

  • Mimecast

    • Mimecast Content Pack

  • Network

    • NetFlow Content Pack

    • Packetbeat Content Pack

  • NGINX

    • NGINX Content Pack

  • Okta

    • Okta Content Pack

  • Palo Alto

    • Palo Alto 11.x Content Pack

    • Palo Alto Content Pack

  • pfSense

    • pfSense Firewall Content Pack

  • Postfix / Sendmail

    • Postfix Content Pack

    • Sendmail Content Pack

  • Security Tools

    • SFOS 19.5 Content Pack

    • Snort IDS Processing Content Pack

    • SonicWall NGFW Content Pack

    • Sophos Central Content Pack

    • Stormshield Content Pack

    • Symantec Endpoint Content Pack

    • Symantec Endpoint Detection and Response Content Pack

    • Symantec Endpoint Security Content Pack

    • Symantec ProxySG Content Pack

    • Sysmon Content Pack

  • Ubiquiti

    • Ubiquiti UniFi Content Pack

  • WatchGuard

    • Watchguard Firebox Content Pack

  • Web / Sigma Rules

    • Webserver Sigma Rules Content Pack

  • Zeek

    • Zeek Content Pack