The Cato service generates rich and granular events, providing comprehensive visibility across network and security features. You can directly consume these events in the following ways:
Directly in the Cato Management Application (see Analyzing Events in Your Network)
A high-scale feed to Cloud Storage, such as AWS S3 and Azure Blob Storage
Using the Cato API
For more information about license requirements for third-party integrations, see License and Apps for Cato Third-Party Integrations.
Turnkey SIEM Integrations
Forward events directly to the following SIEM solutions using a native connector in the CMA.
Vendor | Cato Knowledge Base Documentation |
|---|---|
| |
| |
|
Supported Third-Party Data Integrations
These vendors officially support integrations with Cato data.
Vendor | Vendor Documentation |
|---|---|
| |
| |
| Sending data to Devo > Collectors > Cato SASE collector Devo parsers > List of Devo parsers > sase Secure Access Service Edge > sase.cato tags |
| |
| Documentation > Reference > Supported log types and default parsers |
| List of supported integrations on Hunters corporate website |
| |
| Custom Integrations - API > Cato Networks Custom Data Collection Integration |
| |
| |
| |
| |
| |
| Cloud-to-Cloud Integration Framework Sources > Cato Networks |
| |
| Zenoss ZenPack Catalog > Network> Cato Networks Integration ZenPack |
Open-Source Data Integrations
In addition to the native turnkey integration described in this article, you can also integrate Cato events with these SIEM vendors using the tools in the Cato GitHub repositories. Cato also offers native turnkey solutions for these vendors.
The reference implementation for these solutions is provided as-is and is not supported by the Cato Support team.
Vendor | Cato Github Reference |
|---|---|
| |
|

















