.png){kind=spacer}
Plug in. Extract. Deliver. Integrations Made Easy.
Security data is messy. Tools generate inconsistent logs, APIs fail, and data gets stuck in silos. Monad simplifies the process by extracting, normalizing, and delivering data where it’s needed. Focus on security, we'll do the data wrangling.
Our trusted partners include
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
Inputs
.svg)
AWS CloudTrail Events
Collects account activity and API usage across your AWS infrastructure for full visibility into control plane events.
Cloud Security
new
COMING SOON
AWS Cognito Users
Fetches users from a specific user pool in AWS Cognito
Identity Security
new
COMING SOON
AWS GuardDuty
Collects security findings from AWS GuardDuty threat detection service to monitor malicious activity and unauthorized behavior across your AWS environment.
Compliance
new
COMING SOON
AWS IAM Access Analyzer
Contains information about findings from your IAM Access Analyzer.
Identity Security
new
COMING SOON
AWS KMS
Lists AWS KMS keys, aliases, and grants with detailed information
Cloud Security
new
COMING SOON
AWS Organizations
Lists AWS Organizations accounts and organizational units
Cloud Security
new
COMING SOON
AWS Resource Evaluations
Fetches a list of proactive resource evaluations.
Cloud Security
new
COMING SOON
AWS S3
Enables real-time ingestion of objects written to an S3 bucket for continuous data processing.
Cloud Security
new
COMING SOON
AWS S3 SQS
Automatically ingests new files from S3 buckets using Amazon Simple Queue Service (SQS)
Universal
new
COMING SOON
AWS SQS
Enables seamless ingestion of messages from Amazon Simple Queue Service (SQS) for data processing and integration.
Universal
new
COMING SOON
AWS Secrets Manager
Lists metadata of secrets not marked for deletion.
Cloud Security
new
COMING SOON
AWS Security Groups
Describes Security Groups from your Instances in AWS.
Cloud Security
new
COMING SOON
AWS Security Hub Findings
Ingests findings from AWS Security Hub for continuous monitoring and analysis.
Cloud Security
new
COMING SOON
Atlassian Jira App Roles
Fetches Jira application roles for auditing access configuration and permission mapping.
Asset Inventory
new
COMING SOON
Atlassian Jira Audit Logs
Fetches audits that record activities undertaken in Jira
SaaS
new
COMING SOON
Atlassian Jira User Directory
Returns all Jira users, including active, inactive, and previously deleted accounts.
Asset Inventory
new
COMING SOON
Box User Activity
Retrieves up to one year of user or enterprise activity events for audit and monitoring.
SaaS
new
COMING SOON
Box User Directory
Returns a list of enterprise users, including metadata like user ID, login, and public name.
Asset Inventory
new
COMING SOON
CISA KEV Known Exploited Vulnerabilities
Fetches known exploited vulnerability data from CISA's public KEV catalog.
Vulnerability Management
new
COMING SOON
Cisco Meraki Organization Configuration Changes
Collects and ingests organization configuration changes from the Cisco Meraki Dashboard API, providing logs of configuration modifications across your Meraki organization.
System Logs
new
COMING SOON
Clumio Audit Trails
Returns a list of audit trails from your Clumio account.
Data Security
new
COMING SOON
Clumio Consolidated Alerts
Returns a list of consolidated alerts from your Clumio account.
Data Security
new
COMING SOON
Clumio Individual Alerts
Returns a list of individual alerts from your Clumio account.
Data Security
new
COMING SOON
Coda Audit Events
This source connector fetches Audit events from the Coda Admin API.
SaaS
new
COMING SOON
CrowdStrike Detection Summaries
Fetches detection summaries from CrowdStrike Falcon, providing near real-time detection data for alert triage.
Endpoint Security
new
COMING SOON
CrowdStrike Device Inventory
Retrieves detailed asset data on devices managed by CrowdStrike Falcon Spotlight for asset visibility and vulnerability mapping.
Asset Inventory
new
COMING SOON
CrowdStrike Event Stream
Enables real-time event streaming from CrowdStrike for continuous analysis and alerting.
Endpoint Security
new
COMING SOON
CrowdStrike Falcon Data Replicator
Ingests raw Falcon data via the Falcon Data Replicator (FDR) API for deeper analysis.
Endpoint Security
new
COMING SOON
CrowdStrike Login Activity
Fetches recent login sessions for devices to help track access and authentication behaviors.
Identity Security
new
COMING SOON
CrowdStrike Threat Actors
Fetches actor intelligence data to enhance threat correlation and investigation workflows.
Asset Inventory
new
COMING SOON
CrowdStrike User Metadata
Retrieves user metadata and activity context from CrowdStrike for identity-linked insights.
Asset Inventory
new
COMING SOON
CrowdStrike User Roles
Retrieves user role mappings within CrowdStrike to support RBAC and permission reviews.
Asset Inventory
new
COMING SOON
CrowdStrike Vulnerability Findings
Pulls vulnerability findings from CrowdStrike Spotlight Vulnerability Management.
Vulnerability Management
new
COMING SOON
CrowdStrike Vulnerability Findings Cron
Pulls vulnerability findings from CrowdStrike Spotlight Vulnerability Management.
Vulnerability Management
new
COMING SOON
Duo Security Activity Logs
Collects list of activity log events from Duo Security API.
Identity Security
new
COMING SOON
Duo Security Admin Activity
Fetches administrator activity logs from Duo Security for auditing changes and admin actions.
SaaS
new
COMING SOON
Duo Security Authentication Events
Collects authentication events from Duo Security for user access visibility.
Identity Security
new
COMING SOON
Duo Security Offline Enrollment Logs
Collects list of Duo Authentication for Windows Logon offline enrollment events.
Identity Security
new
COMING SOON
Duo Security Telephony Logs
Collects telephony log events from Duo Security Admin API.
Identity Security
new
COMING SOON
FleetDM Fleet Activities
Collects activity logs from your FleetDM instance
SaaS
new
COMING SOON
Generic Object Storage
Enables real-time ingestion of objects from any S3-compatible object storage service for continuous data processing.
Cloud Security
new
COMING SOON
GitLab Issues
Get all Gitlab issues the authenticated user has access to associated with a project.
Application Security
new
COMING SOON
Github Audit Logs
Retrieves repository, permission, and authentication activity logs from GitHub Enterprise.
SaaS
new
COMING SOON
Github Security Advisories
Ingests vulnerability data from GitHub’s public Advisory Database for supply chain risk insights.
Application Security
new
COMING SOON
Google BigQuery
Loads data from a BigQuery table using timestamp-based tracking for incremental updates.
Universal
new
COMING SOON
Google BigQuery Cron
Loads all data from a BigQuery table on a scheduled basis.
Universal
new
COMING SOON
Google Cloud Asset Inventory
Pulls asset inventory metadata from Google Cloud for visibility and policy enforcement.
Cloud Security
new
COMING SOON
Google Cloud Audit Logs
Ingests Google Cloud Audit Logs to track admin actions, access events, and policy changes across your GCP environment.
Cloud Security
new
COMING SOON
Google Cloud Storage
Collects and ingests data from a Google Cloud Storage bucket.
Cloud Security
new
COMING SOON
Google Workspace Access Transparency Activity
Fetches logs when Google personnel access your data in a Google Workspace domain.
Compliance
new
COMING SOON
Google Workspace Admin Activity
Collects admin-level activity logs from Google Workspace for auditing configuration and access changes.
SaaS
new
COMING SOON
Google Workspace Calendar Activity
Fetches audit logs on Google Calendar events such as event creation, modification, sharing, and deletion in a Google Workspace domain.
SaaS
new
COMING SOON
Google Workspace Chat Activity
Fetches audit logs on Google Chat activities such as message creation, deletion, and modification in a Google Workspace domain.
SaaS
new
COMING SOON
Google Workspace Chrome Activity
Fetches audit logs on Chrome OS enterprise including, but not limited to, device logins, policy changes, and user activity in a Google Workspace domain.
Endpoint Security
new
COMING SOON
Google Workspace Context Aware Access Activity
Fetches logs for context-aware access denied events in a Google Workspace domain.
Identity Security
new
COMING SOON
Google Workspace Data Studio Activity
Tracks Data Studio activity such as report creation, modification, sharing, and deletion in a Google Workspace domain.
SaaS
new
COMING SOON
Google Workspace Device Activity
Pulls device-level activity logs from Google Workspace Device API to monitor endpoints.
Endpoint Security
new
COMING SOON
Google Workspace Drive Activity
Fetches file and folder access logs from Google Workspace Drive for data governance.
Identity Security
new
COMING SOON
Google Workspace GCP Activity
Fetches GCP Cloud OS Login events in a Google Workspace domain.
Cloud Security
new
COMING SOON
Google Workspace Gemini Activity
Fetches Gemini Audit Activity From Google Workspace.
System Logs
new
COMING SOON
Google Workspace Gmail Activity
Fetches gmail usage logs from google workspace to monitor email activity.
SaaS
new
COMING SOON
Google Workspace Groups Activity
Fetches audit logs on Google Group creation, modification, and deletion in a Google Workspace domain.
Identity Security
new
COMING SOON
Google Workspace Groups Enterprise Activity
Fetches audit logs on Enterprise Group creation, modification, and deletion in a Google Workspace domain.
Identity Security
new
COMING SOON
Google Workspace Jamboard Activity
Fetches audit logs on Jamboard Device events in a Google Workspace domain.
Endpoint Security
new
COMING SOON
Google Workspace Keep Activity
Fetches logs on creation, modification, and deletion of Google Keep notes in a Google Workspace domain.
SaaS
new
COMING SOON
Google Workspace Login Activity
Retrieves user login activity from Google Workspace to track authentication patterns.
Identity Security
new
COMING SOON
Google Workspace Meet Activity
Fetches audit logs for Google Meet usage in a Google Workspace domain.
SaaS
new
COMING SOON
Google Workspace OAuth Activity
Collects OAuth activity logs from Google Workspace to monitor third-party app access.
Identity Security
new
COMING SOON
Google Workspace Rules Activity
Fetches logs for when rules are applied, modified, or created in a Google Workspace domain.
Security Operations
new
COMING SOON
Google Workspace Saml Activity
Fetches user account security changes for a Google Workspace domain.
Identity Security
new
COMING SOON
Google Workspace User Accounts Activity
Fetches user account activity logs from Google Workspace for data governance.
Identity Security
new
COMING SOON
Google Workspace Users
Pulls user metadata from Google Workspace, including IDs and roles for directory visibility.
Asset Inventory
new
COMING SOON
Google Workspace Vault Activity
Fetches access and audit logs from Google Vault.
Compliance
new
COMING SOON
Jira App Roles
Fetches Jira application roles for auditing access configuration and permission mapping.
Asset Inventory
new
COMING SOON
Jira User Directory
Returns all Jira users, including active, inactive, and previously deleted accounts.
Asset Inventory
new
COMING SOON
Microsoft Azure Activity Logs
Ingests Azure control plane logs from the Monitor API to track admin activity across services.
Cloud Security
new
COMING SOON
Microsoft Azure Blob Storage
Enables real-time ingestion of objects written to an Azure container for continuous data processing.
Cloud Security
new
COMING SOON
Microsoft Azure VNet Flow Logs
Ingests Azure Virtual Network Flow Logs from Azure Blob Storage to analyze network traffic patterns and security events.
Network Security
new
COMING SOON
Microsoft Azure Virtual Machine
Fetches the list of Virtual Machines and their meta data from Azure subscription.
Asset Inventory
new
COMING SOON
Microsoft Defender XDR Alerts
Fetches alerts generated from different services in Microsoft Defender XDR
Security Operations
new
COMING SOON
Microsoft Defender XDR Incidents
Fetches incidents from Microsoft Defender XDR that are automatically created by correlating and aggregating alerts from multiple Microsoft security services.
Security Operations
new
COMING SOON
Microsoft Defender for Cloud Alerts
Pulls security alert events from Microsoft Defender for Cloud.
Cloud Security
new
COMING SOON
Microsoft Defender for Cloud Compliance
Ingests compliance findings from Microsoft Defender for Cloud for audit and posture assessment.
Cloud Security
new
COMING SOON
Microsoft Defender for Endpoint Alerts
Collects alert data from Microsoft Defender for Endpoint for threat detection and response.
Endpoint Security
new
COMING SOON
Microsoft Entra ID
Collects logs from Entra ID (formerly Azure AD) via Log Analytics for authentication and access tracking.
Identity Security
new
COMING SOON
Microsoft Event Hubs
Streams real-time data from Azure Event Hubs for event ingestion and processing
Universal
new
COMING SOON
Microsoft Log Analytics Query
Runs and ingests custom queries from Azure Log Analytics to collect operational or identity-related logs
Cloud Security
new
COMING SOON
Monad Event Generator - Custom Templates
Generates structured test events using predefined templates for testing pipelines.
Universal
new
COMING SOON
Monad HTTP Input
Accepts POSTed data directly to the Monad API endpoint.
Universal
new
COMING SOON
Monad Organization Logs
Collects internal logs from Monad organizations for debugging and pipeline visibility.
Universal
new
COMING SOON
Monad Splunk HEC Input
Accepts POSTed data directly to the Monad Splunk HEC endpoints.
Universal
new
COMING SOON
Monad Synthetic Data Generator
Generates synthetic events for testing pipeline functionality and transformations.
Universal
new
COMING SOON
MongoDB Org Events
Ingests organization-level events from MongoDB, such as database or security activity.
SaaS
new
COMING SOON
MongoDB Project Events
Collects project-level events from MongoDB, including billing, security, and system updates.
SaaS
new
COMING SOON
Okta App Inventory
Fetches application data from Okta for continuous visibility into app provisioning and access control.
Asset Inventory
new
COMING SOON
Okta Auth0 Log Events
Retrieve log entries from the Auth0 management API
System Logs
new
COMING SOON
Okta Auth0 Log Events Stream
Retrieve log entries streamed by Auth0 Log stream
System Logs
new
COMING SOON
Okta Identity Groups
Retrieves group data from Okta for identity and access management monitoring.
Asset Inventory
new
COMING SOON
Okta System Audit Logs
Ingests Okta system events for audit trail analysis and platform activity monitoring.
Identity Security
new
COMING SOON
Okta User Directory
Pulls user data from Okta, including metadata for authentication and identity correlation.
Asset Inventory
new
COMING SOON
Outputs
AWS OpenSearch
Outputs data to OpenSearch. Compatible with OpenSearch's data ingestion and querying capabilities.
Outputs
new
COMING SOON
AWS S3
Writes data to Amazon S3 buckets in various file formats (i.e., Parquet) and supporting partitioning.
Outputs
new
COMING SOON
AWS SQS
Publishes data to specified Amazon SQS queues. Supports both standard and FIFO queues.
Outputs
new
COMING SOON
AWS Security Lake
Send OCSF records to Amazon Security Lake, enabling centralized storage and analysis of security data in a standardized format.
Outputs
new
COMING SOON
Cribl HTTP Source
Sends data to a Cribl HTTP Source using standard HTTP requests.
Outputs
new
COMING SOON
Crowdstrike Falcon Next-Gen SIEM
Forwards processed data to Crowdstrike's Next-Gen SIEM.
Outputs
new
COMING SOON
Datadog Logs
Send records to Datadog logs for monitoring and analytics.
Outputs
new
COMING SOON
Elastic NV Elasticsearch
Sends data to an Elasticsearch cluster for indexing, search, and analysis.
Outputs
new
COMING SOON
Generic Object Storage
Writes data to S3-compatible object storage services in various file formats (i.e., Parquet) and supporting partitioning.
Outputs
new
COMING SOON
Google BigQuery
Load data into your Google BigQuery project
Outputs
new
COMING SOON
Google Cloud MySQL
Send raw records directly to your Google Cloud MySQL Instance.
Outputs
new
COMING SOON
Google Cloud PostgreSQL
Send raw records directly to your Google Cloud PostgreSQL Instance.
Outputs
new
COMING SOON
Google Cloud SQL Server
Send raw records directly to your Google Cloud SQL Server Instance.
Outputs
new
COMING SOON
Google Cloud Storage
Allows you to write data to Google Cloud Storage Output bucket for archiving or downstream processing.
Outputs
new
COMING SOON
Microsoft Azure Blob Storage
Writes data to Azure Containers in various file formats (i.e., Parquet).
Outputs
new
COMING SOON
Microsoft Azure Sentinel
Sends data to Microsoft Sentinel for querying and alerting.
Outputs
new
COMING SOON
Monad /dev/null
This output is used in testing pipelines and discards the data sent to it.
Outputs
new
COMING SOON
Monad HTTP
Delivers data via HTTP POST requests to any configurable endpoint.
Outputs
new
COMING SOON
Monad KV Lookup
Stores key-value pairs from incoming records in a key-value store for later usage by the KV Lookup Enrichment
Outputs
new
COMING SOON
PagerDuty
Sends events to PagerDuty for incident management and operational awareness.
Outputs
new
COMING SOON
Panther
Enables Panther's support for ingesting logs using Panther's HTTP Custom Log Format Source.
Outputs
new
COMING SOON
PostgreSQL
Send raw records directly to a PostgreSQL database.
Outputs
new
COMING SOON
Snowflake
Enables seamless data transfer by batch processing messages into JSONL files and securely uploading them to Snowflake.
Outputs
new
COMING SOON
Splunk
Sends data to Splunk Cloud or Enterprise environments.
Outputs
new
COMING SOON
Sumo Logic
Sends data to Sumo Logic’s hosted or installed collectors for search and monitoring.
Outputs
new
COMING SOON
Request an integration
Let us know which integrations you’d like us to add next.
We’re all ears.
Integration Idea submitted!
Oops! Something went wrong while submitting the form.