Agentless integrations quick reference
This table lists all Elastic integrations that support agentless deployment.
| Integration | Description | Release status | Version | Minimum Kibana version |
|---|---|---|---|---|
| 1Password | Collect logs from 1Password with Elastic Agent. | GA | 1.34.0 | 9.0.7 8.19.4 |
| abuse.ch | Ingest threat intelligence indicators from URL Haus, Malware Bazaar, and Threat Fox feeds with Elastic Agent. | GA | 3.6.0 | 9.1.0 8.19.0 |
| Airlock Digital | Collect logs from Airlock Digital with Elastic Agent. |
|
0.3.0 | 9.1.0 8.19.0 |
| Amazon GuardDuty | Collect Amazon GuardDuty logs with Elastic Agent. | GA | 6.2.0 | 9.2.1 8.19.4 |
| Amazon Inspector | Collect Amazon Inspector Logs with Elastic Agent. | GA | 6.2.0 | 9.2.1 8.19.4 |
| Anomali | Ingest threat intelligence indicators from Anomali with Elastic Agent. | GA | 2.3.1 | 9.0.0 8.18.0 |
| Armis | Collect logs from Armis with Elastic Agent. |
|
0.4.1 | 9.0.0 8.18.0 |
| AWS Config | Collect AWS Config Logs with Elastic Agent. | GA | 6.2.0 | 9.2.1 8.19.4 |
| AWS Security Hub | Collect logs from AWS Security Hub with Elastic Agent. |
|
0.1.0 | 9.3.0 |
| AWS Security Hub CSPM | Collect AWS Security Hub CSPM Logs with Elastic Agent. | GA | 6.2.0 | 9.2.1 8.19.4 |
| BeyondTrust PRA | Collect logs from BeyondTrust PRA with Elastic Agent. |
|
0.3.2 | 9.0.0 8.18.0 |
| Check Point Harmony Email & Collaboration | Collect logs from Check Point Harmony Email & Collaboration with Elastic Agent. | GA | 1.3.2 | 9.0.0 8.18.0 |
| Cisco Duo | Collect logs from Cisco Duo with Elastic Agent. | GA | 2.8.0 | 9.0.0 8.18.0 |
| Claroty xDome | Collect logs from Claroty xDome with Elastic Agent. | GA | 1.0.1 | 9.0.0 8.18.0 |
| Cloud Asset Discovery | Discover and Create Cloud Assets Discovery | GA | 1.4.1 | 9.3.0 |
| Cloud Security Posture Management (CSPM) | Identify & remediate configuration risks in the Cloud services you leverage | GA | 3.2.1 | 9.3.0 |
| CrowdStrike | Collect logs from Crowdstrike with Elastic Agent. | GA | 3.5.0 | 9.0.0 8.18.0 |
| CrowdStrike Falcon Intelligence | Collect logs from CrowdStrike Falcon Intelligence with Elastic Agent. | GA | 2.6.1 | 9.0.0 8.18.0 |
| Cyera | Collect logs from Cyera with Elastic Agent. |
|
0.5.0 | 9.3.0 9.2.1 9.1.7 8.19.7 |
| Cyware Intel Exchange | Collect logs from Cyware Intel Exchange with Elastic Agent. |
|
0.2.0 | 9.0.0 8.18.0 |
| Elastic Security | Collect logs from Elastic Instance with Elastic Agent. |
|
0.4.0 | 9.1.1 |
| Elasticsearch Service Billing | Collects billing metrics from Elasticsearch Service billing API | GA | 1.7.0 | 9.0.0 8.18.0 |
| ExtraHop | Collect logs from ExtraHop RevealX 360 with Elastic Agent. |
|
0.2.1 | 9.1.2 9.0.5 8.19.2 8.18.5 |
| Google SecOps | Collect alerts from Google SecOps with Elastic Agent. | GA | 1.2.2 | 9.0.0 8.18.0 |
| Google Security Command Center | Collect logs from Google Security Command Center with Elastic Agent. | GA | 2.2.2 | 9.1.4 8.19.4 |
| Google Threat Intelligence | Collect Threat Intelligence Events from Google Threat Intelligence using Elastic Agent, and perform enrichment on Elasticsearch by correlating Indicators of Compromise (IOCs). |
|
0.8.1 | 9.0.0 8.16.0 |
| Google Workspace | Collect logs from Google Workspace with Elastic Agent. | GA | 3.2.1 | 9.1.4 9.0.7 8.19.4 |
| GreyNoise | Collect Threat Intelligence Indicators from GreyNoise using Elastic Agent, and perform enrichment on Elasticsearch by correlating Indicators of Compromise (IOCs). |
|
0.7.3 | 9.0.0 8.17.0 |
| IBM QRadar | Collect logs from IBM QRadar with Elastic Agent. |
|
0.1.1 | 9.0.0 8.18.0 |
| Island Browser | Collect logs from Island Browser with Elastic Agent. | GA | 1.0.0 | 9.1.5 9.0.8 8.19.5 8.18.8 |
| JupiterOne | Collect logs from JupiterOne with Elastic Agent. |
|
0.1.0 | 9.4.0 9.3.1 9.2.4 9.1.10 8.19.10 |
| Microsoft Defender for Cloud | Collect logs from Microsoft Defender for Cloud with Elastic Agent. | GA | 3.2.0 | 9.1.4 8.19.4 |
| Microsoft Defender for Endpoint | Collect logs from Microsoft Defender for Endpoint with Elastic Agent. | GA | 4.3.1 | 9.1.2 8.19.3 |
| Microsoft Defender XDR | Collect logs from Microsoft Defender XDR with Elastic Agent. | GA | 5.8.0 | 9.1.4 8.19.4 |
| Microsoft Sentinel | Collect logs from Microsoft Sentinel with Elastic Agent. | GA | 1.2.3 | 9.0.0 8.18.0 |
| Mimecast | Collect logs from Mimecast with Elastic Agent. | GA | 3.3.1 | 9.1.4 9.0.7 8.19.4 |
| Neon Cyber | The Neon Cyber integration for the Elastic Stack |
|
0.1.0 | 9.0.0 8.17.0 |
| Nozomi Networks | Collect logs from Nozomi Networks with Elastic Agent. |
|
0.2.1 | 9.0.0 8.18.0 |
| Okta | Collect and parse event logs from Okta API with Elastic Agent. | GA | 3.14.1 | 9.2.2 8.19.8 |
| Palo Alto Cortex XDR | Collect logs from Palo Alto Cortex XDR with Elastic Agent. | GA | 2.5.1 | 9.1.4 9.0.7 8.19.4 |
| Palo Alto Prisma Cloud | Collect logs from Prisma Cloud with Elastic Agent. | GA | 4.0.1 | 9.3.0 9.2.2 9.1.8 8.19.8 |
| Proofpoint Essentials | Collect logs from Proofpoint Essentials with Elastic Agent. |
|
0.1.0 | 9.0.0 8.18.0 |
| Proofpoint ITM | Collect logs from Proofpoint ITM using Elastic Agent. | GA | 1.0.1 | 9.0.0 8.18.0 |
| Proofpoint TAP | Collect logs from Proofpoint TAP with Elastic Agent. | GA | 1.29.1 | 9.1.4 9.0.7 8.19.4 |
| Qualys Global AssetView | Collect logs from Qualys Global AssetView with Elastic Agent. |
|
0.7.1 | 9.2.5 8.19.11 |
| Qualys VMDR | Collect data from Qualys VMDR platform with Elastic Agent. | GA | 6.15.0 | 9.1.0 8.19.0 |
| Qualys Web Application Scanning (WAS) | Collect data from Qualys Web Application Scanning platform with Elastic Agent or Agentless |
|
0.3.1 | 9.0.0 8.18.0 |
| Rapid7 InsightVM | Collect logs from Rapid7 InsightVM with Elastic Agent. | GA | 2.5.1 | 9.1.4 8.19.4 |
| Recorded Future | Ingest threat intelligence and alert data from Recorded Future with Elastic Agent. | GA | 2.4.1 | 9.0.0 8.18.0 |
| SentinelOne | Collect logs from SentinelOne with Elastic Agent. | GA | 2.4.0 | 9.3.0 9.2.1 9.1.7 8.19.7 |
| Snyk | Collect logs from Snyk with Elastic Agent. | GA | 3.4.0 | 9.3.0 |
| Splunk | Collect logs from Splunk with Elastic Agent. | GA | 1.0.1 | 9.1.0 8.19.0 |
| Sublime Security | Collect logs from Sublime Security with Elastic Agent. | GA | 1.11.2 | 9.0.0 8.18.0 |
| Tenable Security Center | Collect data from Tenable Security Center with Elastic Agent. | |||
| GA | 2.1.0 | 9.1.4 9.0.7 8.19.4 |
||
| Tenable Vulnerability Management | Collect logs from Tenable Vulnerability Management with Elastic Agent. | GA | 4.8.0 | 9.1.0 8.19.0 |
| ThreatQuotient | Ingest threat intelligence indicators from ThreatQuotient with Elastic Agent. | GA | 1.37.1 | 9.1.4 9.0.7 8.19.4 |
| Vectra RUX | Collect logs from Vectra RUX with Elastic Agent. |
|
0.3.3 | 9.0.0 8.18.0 |
| VMware Carbon Black Cloud | Collect logs from VMWare Carbon Black Cloud with Elastic Agent. | GA | 4.2.0 | 9.1.4 9.0.7 8.19.4 |
| Wiz | Collect logs from Wiz with Elastic Agent. | GA | 4.0.0 | 9.0.0 8.18.0 8.17.4 8.16.6 |
| Zscaler Internet Access | Collect logs from Zscaler Internet Access (ZIA) with Elastic Agent. | GA | 3.17.1 | 9.0.0 8.18.0 |