Sentinel can collect data from a wide range of event sources, such as intrusion detection systems, firewalls, operating systems, routers, databases, switches, mainframes, antivirus applications, and Novell applications. A modular architecture divides the task of protocol-level connections (Connectors) and the parsing logic (Collectors) for specific event sources.
Sentinel supports a wide variety of Connectors and also includes a variety of Collectors. The configuration required to integrate a new event source with Sentinel varies, depending on the type of event source and the communication method selected.
You should review the Collector and Connector documentation for any new event source integration to ensure that all available features are enabled.
The configuration required to integrate a new event source with Sentinel varies depending on the type of event source and the communication method selected.