Agentless integrations quick reference
This table lists all Elastic integrations that support agentless deployment.
| Integration | Description | Release status | Version | Minimum Kibana version |
|---|---|---|---|---|
| 1Password | Collect logs from 1Password with Elastic Agent. | GA | 1.34.0 | 9.0.7 8.19.4 |
| Abnormal AI | Collect logs from Abnormal AI with Elastic Agent. | GA | 1.14.0 | 9.1.2 8.19.2 |
| abuse.ch | Ingest threat intelligence indicators from URL Haus, Malware Bazaar, and Threat Fox feeds with Elastic Agent. | GA | 3.6.0 | 9.1.0 8.19.0 |
| Admin By Request EPM | Collect logs from Admin By Request EPM with Elastic Agent. | GA | 1.2.0 | 9.0.5 8.19.2 |
| Airlock Digital | Collect logs from Airlock Digital with Elastic Agent. |
|
0.3.0 | 9.1.0 8.19.0 |
| Amazon DynamoDB | Collect Amazon DynamoDB metrics with Elastic Agent | GA | 6.14.2 | 9.2.1 8.19.4 |
| Amazon GuardDuty | Collect Amazon GuardDuty logs with Elastic Agent. | GA | 6.14.2 | 9.2.1 8.19.4 |
| Amazon Inspector | Collect Amazon Inspector Logs with Elastic Agent. | GA | 6.14.2 | 9.2.1 8.19.4 |
| Amazon RDS | Collect Amazon Relational Database Service metrics with Elastic Agent | GA | 6.14.2 | 9.2.1 8.19.4 |
| Amazon SNS | Collect Amazon SNS metrics with Elastic Agent | GA | 6.14.2 | 9.2.1 8.19.4 |
| Amazon SQS | Collect Amazon SQS metrics with Elastic Agent | GA | 6.14.2 | 9.2.1 8.19.4 |
| Anomali ThreatStream | Ingest threat intelligence indicators from Anomali ThreatStream with Elastic Agent. | GA | 2.6.1 | 9.0.0 8.18.0 |
| Armis | Collect logs from Armis with Elastic Agent. |
|
0.4.1 | 9.0.0 8.18.0 |
| authentik | Collect logs from authentik with Elastic Agent. | GA | 1.9.0 | 9.0.5 8.19.2 |
| AWS Billing | Collect billing metrics with Elastic Agent | GA | 6.14.2 | 9.2.1 8.19.4 |
| AWS Config | Collect AWS Config Logs with Elastic Agent. | GA | 6.14.2 | 9.2.1 8.19.4 |
| AWS ELB | Collect logs and metrics for Amazon Elastic Load Balancing service with Elastic Agent | GA | 6.14.2 | 9.2.1 8.19.4 |
| AWS Health | Collect AWS Health metrics with Elastic Agent (experimental) | GA | 6.14.2 | 9.2.1 8.19.4 |
| AWS Lambda | Collect Lambda metrics and logs with Elastic Agent | GA | 6.14.2 | 9.2.1 8.19.4 |
| AWS Security Hub | Collect logs from AWS Security Hub with Elastic Agent. | GA | 1.0.0 | 9.3.0 |
| AWS Security Hub CSPM | Collect AWS Security Hub CSPM Logs with Elastic Agent. | GA | 6.14.2 | 9.2.1 8.19.4 |
| AWS Transit Gateway | Collect AWS Transit Gateways metrics with Elastic Agent | GA | 6.14.2 | 9.2.1 8.19.4 |
| Azure Application Insights Metrics | Collect application insights metrics from Azure Monitor with Elastic Agent. | GA | 1.11.0 | 9.3.3 9.2.8 8.19.14 |
| Azure Application State Insights Metrics | Collect application state related metrics from Azure Monitor with Elastic Agent. | GA | 1.11.0 | 9.3.3 9.2.8 8.19.14 |
| Azure Billing Metrics | Collect billing metrics with Elastic Agent. | GA | 1.10.0 | 9.0.0 8.13.0 |
| Azure OpenAI | Collects Azure OpenAI Logs and Metrics | GA | 1.12.0 | 9.3.0 9.2.4 8.19.10 |
| BeyondInsight and Password Safe | Ingest privileged access management (PAM) data from BeyondTrust's BeyondInsight PAM Reporting Platform and Password Safe, using Elastic Agent. | GA | 1.1.0 | 9.0.5 8.19.2 |
| BeyondTrust PRA | Collect logs from BeyondTrust PRA with Elastic Agent. |
|
0.4.0 | 9.0.0 8.18.0 |
| BitDefender | Ingest BitDefender GravityZone logs and data | GA | 2.9.0 | 9.0.5 8.19.2 |
| Bitsight | Ingest data from the Bitsight API. |
|
0.2.0 | 9.0.5 8.19.2 |
| Bitwarden | Collect logs from Bitwarden with Elastic Agent. | GA | 1.19.0 | 9.1.4 9.0.7 8.19.4 |
| blacklens.io | Collect logs from blacklens.io with Elastic Agent | GA | 1.1.0 | 9.1.4 9.0.7 8.19.4 |
| Box Events | Collect logs from Box with Elastic Agent | GA | 3.2.0 | 9.1.4 9.0.7 8.19.4 |
| Check Point Harmony Email & Collaboration | Collect logs from Check Point Harmony Email & Collaboration with Elastic Agent. | GA | 1.4.0 | 9.0.0 8.18.0 |
| Check Point Harmony Endpoint | Collect logs from Check Point Harmony Endpoint | GA | 1.2.0 | 9.0.0 8.18.0 |
| CISA Known Exploited Vulnerabilities | This package allows the ingest of known exploited vulnerabilities according to the Cybersecurity and Infrastructure Security Agency of the United States of America. This information could be used to enrich or track exisiting vulnerabilities that are known to be exploited in the wild. | GA | 1.8.0 | 9.0.5 8.19.2 |
| Cisco Duo | Collect logs from Cisco Duo with Elastic Agent. | GA | 2.9.0 | 9.0.0 8.18.0 |
| Claroty xDome | Collect logs from Claroty xDome with Elastic Agent. | GA | 1.0.2 | 9.0.0 8.18.0 |
| Cloud Asset Discovery | Discover and Create Cloud Assets Discovery | GA | 1.5.0 | 9.4.0 |
| Cloud Security Posture Management (CSPM) | Identify & remediate configuration risks in the Cloud services you leverage | GA | 3.3.0 | 9.4.0 |
| Cloudflare | Collect logs from Cloudflare with Elastic Agent. | GA | 2.33.0 | 9.1.4 9.0.7 8.19.4 |
| CrowdStrike | Collect logs from Crowdstrike with Elastic Agent. | GA | 3.16.1 | 9.0.0 8.19.0 |
| CrowdStrike Falcon Intelligence | Collect logs from CrowdStrike Falcon Intelligence with Elastic Agent. | GA | 2.7.1 | 9.0.0 8.18.0 |
| Cyera | Collect logs from Cyera with Elastic Agent. |
|
0.6.0 | 9.3.0 9.2.1 9.1.7 8.19.7 |
| Cyware Intel Exchange | Collect logs from Cyware Intel Exchange with Elastic Agent. |
|
0.2.0 | 9.0.0 8.18.0 |
| Elastic Security | Collect logs from Elastic Instance with Elastic Agent. |
|
0.4.0 | 9.1.1 |
| Elasticsearch Service Billing | Collects billing metrics from Elasticsearch Service billing API | GA | 1.7.1 | 9.3.0 |
| ExtraHop | Collect logs from ExtraHop RevealX 360 with Elastic Agent. |
|
0.2.1 | 9.1.2 9.0.5 8.19.2 8.18.5 |
| Flashpoint | Collect logs from Flashpoint with Elastic Agent. |
|
0.1.0 | 9.0.0 8.18.0 |
| GitHub | Collect logs from GitHub with Elastic Agent. | GA | 2.23.1 | 9.3.0 9.2.4 9.1.10 8.19.10 |
| Google SecOps | Collect alerts from Google SecOps with Elastic Agent. | GA | 1.2.2 | 9.0.0 8.18.0 |
| Google Security Command Center | Collect logs from Google Security Command Center with Elastic Agent. | GA | 2.4.0 | 9.1.4 8.19.4 |
| Google Threat Intelligence | Collect Threat Intelligence Events from Google Threat Intelligence using Elastic Agent, and perform enrichment on Elasticsearch by correlating Indicators of Compromise (IOCs). |
|
0.8.1 | 9.0.0 8.16.0 |
| Google Workspace | Collect logs from Google Workspace with Elastic Agent. | GA | 3.3.1 | 9.1.4 9.0.7 8.19.4 |
| GreyNoise | Collect Threat Intelligence Indicators from GreyNoise using Elastic Agent, and perform enrichment on Elasticsearch by correlating Indicators of Compromise (IOCs). |
|
0.7.3 | 9.0.0 8.17.0 |
| IBM QRadar | Collect logs from IBM QRadar with Elastic Agent. |
|
0.2.0 | 9.0.0 8.18.0 |
| IRONSCALES | Collect logs from IRONSCALES with Elastic Agent. |
|
0.1.0 | 9.3.0 9.2.2 9.1.8 8.19.8 |
| Island Browser | Collect logs from Island Browser with Elastic Agent. | GA | 1.0.0 | 9.1.5 9.0.8 8.19.5 8.18.8 |
| JupiterOne | Collect logs from JupiterOne with Elastic Agent. |
|
0.1.0 | 9.4.0 9.3.1 9.2.4 9.1.10 8.19.10 |
| Microsoft Defender for Cloud | Collect logs from Microsoft Defender for Cloud with Elastic Agent. | GA | 3.4.0 | 9.3.0 9.2.4 9.1.10 8.19.10 |
| Microsoft Defender for Endpoint | Collect logs from Microsoft Defender for Endpoint with Elastic Agent. | GA | 4.6.0 | 9.1.2 8.19.3 |
| Microsoft Defender XDR | Collect logs from Microsoft Defender XDR with Elastic Agent. | GA | 5.13.0 | 9.3.0 9.2.4 9.1.10 8.19.10 |
| Microsoft Foundry | Collects Microsoft Foundry logs and metrics |
|
0.10.0 | 9.3.0 9.2.4 |
| Microsoft Office 365 | Collect logs from Microsoft Office 365 with Elastic Agent. | GA | 3.8.1 | 9.0.0 8.18.0 |
| Microsoft Office 365 Metrics | Collect metrics from Microsoft Office 365 with Elastic Agent. | GA | 1.2.0 | 9.0.0 8.16.0 |
| Microsoft Sentinel | Collect logs from Microsoft Sentinel with Elastic Agent. | GA | 1.3.1 | 9.3.0 9.2.4 9.1.10 8.19.10 |
| Mimecast | Collect logs from Mimecast with Elastic Agent. | GA | 3.3.2 | 9.1.4 9.0.7 8.19.4 |
| MongoDB Atlas | This Elastic integration collects logs and metrics from MongoDB Atlas instance. | GA | 1.2.1 | 9.0.0 8.13.0 |
| Neon Cyber | The Neon Cyber integration for the Elastic Stack |
|
0.1.0 | 9.0.0 8.17.0 |
| Nozomi Networks | Collect logs from Nozomi Networks with Elastic Agent. |
|
0.2.1 | 9.0.0 8.18.0 |
| Okta | Collect and parse event logs from Okta API with Elastic Agent. | GA | 3.14.1 | 9.2.2 8.19.8 |
| Palo Alto Cortex XDR | Collect logs from Palo Alto Cortex XDR with Elastic Agent. | GA | 2.5.2 | 9.1.4 9.0.7 8.19.4 |
| Palo Alto Prisma Cloud | Collect logs from Prisma Cloud with Elastic Agent. | GA | 4.1.0 | 9.3.0 9.2.2 9.1.8 8.19.8 |
| Permission Verifier | Verify identity federation based integration permissions and report results to Elasticsearch using the Verifier receiver of the OTel Collector. |
|
0.0.1 | 9.3.0 |
| PingOne | Collect logs from PingOne with Elastic-Agent. | GA | 1.23.0 | 9.1.4 9.0.7 8.19.4 |
| Proofpoint Essentials | Collect logs from Proofpoint Essentials with Elastic Agent. |
|
0.1.0 | 9.0.0 8.18.0 |
| Proofpoint ITM | Collect logs from Proofpoint ITM using Elastic Agent. | GA | 1.0.1 | 9.0.0 8.18.0 |
| Proofpoint TAP | Collect logs from Proofpoint TAP with Elastic Agent. | GA | 1.29.1 | 9.1.4 9.0.7 8.19.4 |
| Qualys Global AssetView | Collect logs from Qualys Global AssetView with Elastic Agent. |
|
0.7.2 | 9.2.5 8.19.11 |
| Qualys VMDR | Collect data from Qualys VMDR platform with Elastic Agent. | GA | 6.18.0 | 9.2.5 8.19.11 |
| Qualys Web Application Scanning (WAS) | Collect data from Qualys Web Application Scanning platform with Elastic Agent or Agentless |
|
0.3.1 | 9.0.0 8.18.0 |
| Rapid7 InsightVM | Collect logs from Rapid7 InsightVM with Elastic Agent. | GA | 2.8.0 | 9.1.4 8.19.4 |
| Rapid7 Threat Command | Collect threat intelligence from Threat Command API with Elastic Agent. | GA | 2.8.0 | 9.1.4 9.0.7 8.19.4 |
| Recorded Future | Ingest threat intelligence and alert data from Recorded Future with Elastic Agent. | GA | 2.4.2 | 9.0.0 8.18.0 |
| SentinelOne | Collect logs from SentinelOne with Elastic Agent. | GA | 2.6.0 | 9.3.2 9.2.7 8.19.13 |
| Slack Logs | Slack Logs Integration | GA | 1.27.0 | 9.1.4 9.0.7 8.19.4 |
| Snyk | Collect logs from Snyk with Elastic Agent. | GA | 3.4.2 | 9.3.0 |
| Splunk | Collect logs from Splunk with Elastic Agent. | GA | 1.0.1 | 9.1.0 8.19.0 |
| Sublime Security | Collect logs from Sublime Security with Elastic Agent. | GA | 1.11.2 | 9.0.0 8.18.0 |
| Tenable Security Center | Collect data from Tenable Security Center with Elastic Agent. | |||
| GA | 2.2.0 | 9.1.4 9.0.7 8.19.4 |
||
| Tenable Vulnerability Management | Collect logs from Tenable Vulnerability Management with Elastic Agent. | GA | 4.10.0 | 9.1.0 8.19.0 |
| ThreatQuotient | Ingest threat intelligence indicators from ThreatQuotient with Elastic Agent. | GA | 1.37.1 | 9.1.4 9.0.7 8.19.4 |
| TrendAI Vision One | Collect logs from TrendAI Vision One with Elastic Agent. | GA | 2.11.0 | 9.1.4 9.0.7 8.19.4 |
| Vectra RUX | Collect logs from Vectra RUX with Elastic Agent. |
|
0.3.3 | 9.0.0 8.18.0 |
| VMware Carbon Black Cloud | Collect logs from VMWare Carbon Black Cloud with Elastic Agent. | GA | 4.2.0 | 9.1.4 9.0.7 8.19.4 |
| Wiz | Collect logs from Wiz with Elastic Agent. | GA | 4.2.0 | 9.1.0 8.19.0 |
| Zscaler Internet Access | Collect logs from Zscaler Internet Access (ZIA) with Elastic Agent. | GA | 3.17.1 | 9.0.0 8.18.0 |