Panther.com Documentation Release Notes Request a Demo

Supported Logs

Access token authentication error while onboarding Crowdstrike Event Streams log source in Panther
After fixing an unhealthy log source, why do I still get an error banner in the Panther Console?
Are Microsoft Purview Data Loss Prevention logs supported in Panther?
Are my Salesforce log events batched and sent to Panther at a specific time?
Can I backfill the logs of a new log source into Panther?
Can I exclude logs or specific fields from ingestion into Panther?
Can I exclude the OversizedChangeNotification when ingesting AWS Config logs into Panther?
Can I get notified in Panther when my log source stops receiving logs from any system attached to that source?
Can I integrate with Google BigQuery API to query Gmail logs from Panther?
Can I pause ingestion of a log source in Panther?
Can I send only events that trigger alerts to Panther?
Can I use the field discovery and infer schema features when configuring an AWS CloudWatch Logs source?
Can I view log source integration API tokens in plaintext in Panther?
Can I view more details of a log source without having to click the Edit button?
Can Panther be used to ingest and monitor relational database audit logs, including the tracking of newly-added rows to database tables?
Can Panther filter sensitive fields such as passwords out of incoming logs?
Can Panther ingest GCP Security Command Center logs?
Can Panther give me sample data to use in my account?
Can Panther ingest GCP VPC Flow logs?
Can Panther ingest Monday.com Audit log API logs?
Can Panther perform deduplication on incoming log events?
Does my log source overview in the Panther Console report raw ingested log volume or uncompressed?
Does Panther allow logs to be overwritten or does it append only?
Does Panther backfill log sources after temporary connection issues?
Does Panther have a native integration for 1Password auditevents logs?
Does Panther have out-of-the-box support for ingesting Google Alerts?
Does Panther ingest updates to Azure Monitor files in Blob Storage?
Does Panther natively support ingesting CircleCI Audit logs?
Does Panther offer native support for Signal Sciences logs?
Does Panther support importing alerts produced by CarbonBlack within Panther as log events?
Does Panther support Cloudflare Zero Trust Logs?
Does Panther support ingesting CrowdStrike EventStream logs?
Does Panther support ingesting events from CyberHaven?
Does Panther support ingesting Gmail logs?
Does Panther support ingesting mail logs?
Does Panther support Microsoft Teams as a log source?
Does Panther support native Syslog ingestion?
Does Panther support Nessus Pro self-hosted on the Tenable native integration?
Does Panther support OIDC authentication to Google Workspace?
Does Panther's "Events Over Time by Log Type" graph include events that have been filtered out?
Does Panther's Google Workspace integration ingest Chrome logs?
Does Zoom's deprecation of the JWT app type affect Panther’s log ingestion?
Error "event exceeds maximum size: event at offset 1 is larger than xx Bytes" on Panther AWS Config History log source
Error "event exceeds maximum size: event at offset 1 is larger than xx Bytes" on Panther CloudTrail log source
Error "http status: 403 Forbidden code: UnknownError" when setting up Microsoft Graph API source in Panther
Error "OrganizationDomain invalid, failed to satisfy the condition: tinesDomain" when trying to set up a Tines log source in Panther
Error 'failed to parse integer: strconv.Atoi parsing ...' when processing AWS S3 Server Access logs in Panther
Error 'Source Microsoft365 did not pass configuration check because: error acquiring token: FromClientSecret()' when creating a Microsoft log source in Panther
Error: 403 access denied from Crowdstrike log source
Google Workspace log source unable to access GSuite API in Panther
How are IP addresses normalized and stored in Panther?
How can I adapt my custom Panther CrowdStrike detections and queries using legacy schemas to work with the Crowdstrike.FDREvent schema?
How can I capture repo.add_topic events in GitHub Audit Logs with Panther?
How can I check which Google Workspace application types I’m receiving in Panther?
How can I exclude logs from my Panther GCP integration?
How can I identify recently deleted log sources in the "Ingestion By Log Source" graph in the Panther Dashboard?
How can I ingest AWS EKS logs to only one log source in Panther?
How can I ingest FleetDM logs into Panther?
How can I prevent internal traffic logs from AWS VPC Flow from being ingested into Panther?
How can I restrict Panther user access to log types?
How can I see who edited/deleted a log source in Panther?
How can I set up multiple CloudTrail log sources in Panther?
How do I add new AWS CloudTrail log sources to Panther when the original does not have a prefix?
How do I ingest IP addresses from GitHub Audit Logs into Panther?
How do I resolve "Netskope API response error (403) invalid token" when onboarding NetSkope logs to Panther?
How do I resolve "Organization not found" when ingesting GitHub audit logs in Panther?
How do I resolve "Source Snyk did not pass configuration check" when onboarding Snyk logs to Panther?
How do I resolve a "401 unauthorized" error when onboarding Atlassian logs to Panther?
How do I resolve a “Source encountered errors while processing logs” alert after setting up GitHub log source in Panther?
How do I resolve error "team_not_authorized" when integrating Slack with Panther?
How do I resolve the CloudTrail error "Source has recently encountered errors while processing logs" in Panther?
How do I resolve the error "did not pass configuration check" when onboarding Salesforce logs to Panther?
How do I resolve the error "Field validation failed on the 'required' tag" in Panther?
How do I resolve the Zendesk log error 403 "You do not have access to this page" in Panther?
How do I see who created a log source in Panther?
How often does Panther pull logs from log sources?
How often does Panther query the Atlasian API for getting Jira Audit logs?
How often does Panther try to log in to my Salesforce integration if the password is not valid?
How to Fix "Invalid Redirect" for Panther's Zoom Integration
How to make separate Snowflake tables for my Panther log sources that use the same Panther-managed log type and schema
How to resolve "Error while checking Cloud Pub/Sub subscription existence" for my GCP logs in Panther
How to resolve "invalid header" error when trying to ingest AWS VPC flow logs through Cloudwatch in Panther
How to resolve error 'Source Netskope… 403 - Forbidden. Legacy Rest API v2 is deprecated' when using Panther's Netskope log source integration
I want to ingest a specific field from my log event. Can I do that in Panther?
If I already ingest logs through the GitHub API into Panther, do I need to apply the GitHub webhook schema?
If I delete a log source in Panther, is its data deleted?
Is it possible to detect if someone has edited the contents of a Google doc using Panther?
Is log ingestion case sensitive in Panther?
Is SystemLog the only Okta log that Panther pulls for Okta integrations?
Is the TLS verification parameter necessary for ingesting Fluentd logs into Panther?
Is there a way to integrate CloudTrail logs in Panther without using event notifications?
Is there any way to reduce AWS Cloudtrail latency in Panther?
Is unfiltered raw data stored when applying Filters in Panther?
Panther latency ingesting audit logs from Snyk
The Okta nested field "logOnlySecurityData" is not succesfully parsed in Panther
Troubleshooting log ingestion issues in Panther
What happens when the connection is lost during the log ingestion of Panther's native log sources?
What inclusion filter should I use in my logging sink to only push Panther-supported GCP logs to Panther?
What is the difference between the Panther log types GSuite.Reports and GSuite.ActivityEvent?
What to do when a Panther log source works fine but says "Permission checks for source have failed"
When a log source is deleted, does Panther capture the source ID in it's audit logs?
When changing the domain name of Salesforce, do I need to change the log source in Panther?
When trying to onboard a new Okta log source in Panther I get an Okta API permission error
Why am I receiving a 403 forbidden error on my HMAC authenticated CrowdStrike Falcon alerts?
Why are 1Password ItemUsage logs missing in Panther?
Why are certain Heroku logs failing to be parsed in Panther?
Why are certain ItemUsage 1Password Events not showing up in Panther?
Why are my Google Workspace alerts not ingested by Panther?
Why did my Zendesk log source in Panther stop receiving logs?
Why do I experience delays in parsing Google Workspace events within my Panther Console?
Why do I get the error "failed to read line: gzip decompression failed: flate: corrupt input before offset" on my Lacework log source within Panther?
Why do I see "no bot scopes requested" when onboarding Slack audit logs to Panther?
Why do I see "Slack healthcheck failed - failed response: Slack API error (200) missing_argument" when creating a Slack source in Panther?
Why do I see a "log not CSV" error when trying to test sample data against the AWS.ALB schema in the Panther Console?
Why do I see a “ratelimited” error while onboarding Slack logs to Panther?
Why do I see classification failures for Github Audit logs when I am using a Panther-provided schema?
Why do I see Cloudflare logs dropping and the alert "Source [CloudFlare-YourLogSource] has not received events for more than 1 hour" in Panther?
Why do I see high latency on my MongoDB Atlas log source in Panther?
Why do I see high latency on some of my log types in Panther?
Why do Panther API requests keeps blocking me from resetting my Salesforce security token?
Why does my GuardDuty log source in say it cannot access a log file in Panther?
Why does my recently parsed event have an old p_event_time in Panther?
Why does Panther display the CloudTrail username as "HIDDEN_DUE_TO_SECURITY_REASONS"?
Why haven't I received Salesforce Logs in Panther for the past 24 hours?
Why is my Tines Audit Log Source still waiting to receive data well after initial creation?
Why is Panther not ingesting Microsoft 365 logs despite having no apparent errors?
Why is the percentage of processed data so small in the log source Overview tab in Panther?
Will there be a gap in the logs if permissions fail in a native Panther log source?
Zoom integration error in Panther: status 400, no permission, next page token expired
Azure Activity Audit Logs are not classifying correctly in Panther
GitHub Log Source Permissions Error: "Must have admin rights to Repository", "status":"403"
Error ‘Source Snowflake Prod did not pass configuration check… The requested schema does not exist or not authorized’ when onboarding Snowflake logs in Panther
How do I get to the Verification step after editing a log source in Panther?
Why is my Raw Event Filter for AWS CloudTrail not working as expected?
Troubleshooting GCP Logs Not Appearing in Panther
What is the difference between Ingest Data, Processed Data (Events), Data Received, and Data Stored in Panther?
When is Raw Message Delivery required for SNS to SQS data ingestion in Panther?
How can I pull events from an external SQS queue in Panther without creating a new Panther queue?
How to Configure Auth0 Log Streaming to Panther with the Correct Authentication
How do I resolve the classification error "error found in # byte of ...|Truncated...]|..." when ingesting AWS EKS CloudWatch logs in Panther?
There's a discrepancy between the CrowdStrike logs I expected and those actually ingested in Panther
Does Panther capture failed login attempts in audit logs?
Sublime Security Log Classification Errors in Panther
Error: "Source Atlassian did not pass configuration check because: Atlassian API error (402) - Payment required" in Panther
Why do I get a "Source Atlassian Audit Logs did not pass configuration check because: Atlassian API error (403) - Non 200 response, failed with message: ...." error when trying to on
Understanding Slack Plans and Log Types in Panther
Which Panther actions does the "GET_DETECTION_ALERT_METRICS" audit action represent?
Resolving {"message": "Not Found"} error when authorizing Google Workspace log source in Panther
Why did my Slack logs integration in Panther break when I upgraded my Slack plan?
How do I update the schemas attached to my log source integration?
How do I add custom schemas to a Panther-managed log source that ingests EKS logs into Panther?
GCP log source associated with Google Cloud Storage using WIF doesn't ingest new data in Panther
Why are my GitHub Audit logs showing a latency of 10-15 minutes in Panther?
How to resolve error 'Failed to classify event as 'Amazon.EKS.Audit': 'apiVersion' is a required field but it is missing...' in Panther
How to resolve schema parsing errors with malformed JSON and truncated EKS log data in Panther
How do I split a single log source into multiple tables based on log content in Panther
Does Panther export the MongoDB logs or fetch them through API calls?
Salesforce is deprecating the SOAP Authentication method. How will Panther address this?
My Panther Zendesk log source is failing after switching from OAuth2 to API key authentication
What values are required for MongoDB Atlas API keys in Panther?
Does Panther extract indicators from nested fields in Crowdstrike.FDREvent schema?