Plug in. Extract. Deliver. Integrations Made Easy.
Security data is messy. Tools generate inconsistent logs, APIs fail, and data gets stuck in silos. Monad simplifies the process by extracting, normalizing, and delivering data where it’s needed. Focus on security, we'll do the data wrangling.
Our trusted partners include
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
Inputs
.svg)
AWS CloudTrail Events
Collects account activity and API usage across your AWS infrastructure for full visibility into control plane events.
Cloud Security
new
COMING SOON
AWS S3
Enables real-time ingestion of objects written to an S3 bucket for continuous data processing.
Cloud Security
new
COMING SOON
AWS SQS
Enables seamless ingestion of messages from Amazon Simple Queue Service (SQS) for data processing and integration.
Universal
new
COMING SOON
AWS Security Hub Findings
Ingests findings from AWS Security Hub for continuous monitoring and analysis.
Cloud Security
new
COMING SOON
Box User Activity
Retrieves up to one year of user or enterprise activity events for audit and monitoring.
SaaS
new
COMING SOON
Box User Directory
Returns a list of enterprise users, including metadata like user ID, login, and public name.
Asset Inventory
new
COMING SOON
CISA KEV Known Exploited Vulnerabilities
Fetches known exploited vulnerability data from CISA's public KEV catalog.
Vulnerability Management
new
COMING SOON
CrowdStrike Detection Summaries
Fetches detection summaries from CrowdStrike Falcon, providing near real-time detection data for alert triage.
Endpoint Security
new
COMING SOON
CrowdStrike Device Inventory
Retrieves detailed asset data on devices managed by CrowdStrike Falcon Spotlight for asset visibility and vulnerability mapping.
Asset Inventory
new
COMING SOON
CrowdStrike Event Stream
Enables real-time event streaming from CrowdStrike for continuous analysis and alerting.
Endpoint Security
new
COMING SOON
CrowdStrike Falcon Data Replicator
Ingests raw Falcon data via the Falcon Data Replicator (FDR) API for deeper analysis.
Endpoint Security
new
COMING SOON
CrowdStrike Login Activity
Fetches recent login sessions for devices to help track access and authentication behaviors.
Identity Security
new
COMING SOON
CrowdStrike Threat Actors
Fetches actor intelligence data to enhance threat correlation and investigation workflows.
Asset Inventory
new
COMING SOON
CrowdStrike User Metadata
Retrieves user metadata and activity context from CrowdStrike for identity-linked insights.
Asset Inventory
new
COMING SOON
CrowdStrike User Roles
Retrieves user role mappings within CrowdStrike to support RBAC and permission reviews.
Asset Inventory
new
COMING SOON
CrowdStrike Vulnerability Findings
Pulls vulnerability findings from CrowdStrike Spotlight Vulnerability Management.
Vulnerability Management
new
COMING SOON
CrowdStrike Vulnerability Findings Cron
Pulls vulnerability findings from CrowdStrike Spotlight Vulnerability Management.
Vulnerability Management
new
COMING SOON
Duo Security Admin Activity
Fetches administrator activity logs from Duo Security for auditing changes and admin actions.
SaaS
new
COMING SOON
Duo Security Authentication Events
Collects authentication events from Duo Security for user access visibility.
Identity Security
new
COMING SOON
FleetDM Fleet Activities
Collects activity logs from your FleetDM instance
SaaS
new
COMING SOON
Generic Object Storage
Enables real-time ingestion of objects from any S3-compatible object storage service for continuous data processing.
Cloud Security
new
COMING SOON
Github Audit Logs
Retrieves repository, permission, and authentication activity logs from GitHub Enterprise.
SaaS
new
COMING SOON
Github Security Advisories
Ingests vulnerability data from GitHub’s public Advisory Database for supply chain risk insights.
Application Security
new
COMING SOON
Google BigQuery
Loads data from a BigQuery table using timestamp-based tracking and scheduled ingestion.
Universal
new
COMING SOON
Google Cloud Asset Inventory
Pulls asset inventory metadata from Google Cloud for visibility and policy enforcement.
Cloud Security
new
COMING SOON
Google Cloud Audit Logs
Ingests Google Cloud Audit Logs to track admin actions, access events, and policy changes across your GCP environment.
Cloud Security
new
COMING SOON
Google Workspace Workspace Admin Activity
Collects admin-level activity logs from Google Workspace for auditing configuration and access changes.
SaaS
new
COMING SOON
Google Workspace Workspace Device Activity
Pulls device-level activity logs from Google Workspace Device API to monitor endpoints.
Endpoint Security
new
COMING SOON
Google Workspace Workspace Drive Activity
Fetches file and folder access logs from Google Workspace Drive for data governance.
Identity Security
new
COMING SOON
Google Workspace Workspace Login Activity
Retrieves user login activity from Google Workspace to track authentication patterns.
Identity Security
new
COMING SOON
Google Workspace Workspace OAuth Activity
Collects OAuth activity logs from Google Workspace to monitor third-party app access.
Identity Security
new
COMING SOON
Google Workspace Workspace Users
Pulls user metadata from Google Workspace, including IDs and roles for directory visibility.
Asset Inventory
new
COMING SOON
Jira App Roles
Fetches Jira application roles for auditing access configuration and permission mapping.
Asset Inventory
new
COMING SOON
Jira User Directory
Returns all Jira users, including active, inactive, and previously deleted accounts.
Asset Inventory
new
COMING SOON
Microsoft Azure Activity Logs
Ingests Azure control plane logs from the Monitor API to track admin activity across services.
Cloud Security
new
COMING SOON
Microsoft Defender for Cloud Alerts
Pulls security alert events from Microsoft Defender for Cloud.
Cloud Security
new
COMING SOON
Microsoft Defender for Cloud Compliance
Ingests compliance findings from Microsoft Defender for Cloud for audit and posture assessment.
Cloud Security
new
COMING SOON
Microsoft Defender for Endpoint Alerts
Collects alert data from Microsoft Defender for Endpoint for threat detection and response.
Endpoint Security
new
COMING SOON
Microsoft Entra ID
Collects logs from Entra ID (formerly Azure AD) via Log Analytics for authentication and access tracking.
Identity Security
new
COMING SOON
Microsoft Log Analytics Query
Runs and ingests custom queries from Azure Log Analytics to collect operational or identity-related logs
Cloud Security
new
COMING SOON
Monad Event Generator
Generates synthetic events for testing pipeline functionality and transformations.
Universal
new
COMING SOON
Monad Event Generator - Custom Templates
Generates structured test events using predefined templates for testing pipelines.
Universal
new
COMING SOON
Monad HTTP Input
Accepts POSTed data directly to the Monad API endpoint.
Universal
new
COMING SOON
Monad Organization Logs
Collects internal logs from Monad organizations for debugging and pipeline visibility.
Universal
new
COMING SOON
Monad Splunk HEC Input
Accepts POSTed data directly to the Monad Splunk HEC endpoints.
Universal
new
COMING SOON
MongoDB Org Events
Ingests organization-level events from MongoDB, such as database or security activity.
SaaS
new
COMING SOON
MongoDB Project Events
Collects project-level events from MongoDB, including billing, security, and system updates.
SaaS
new
COMING SOON
Okta App Inventory
Fetches application data from Okta for continuous visibility into app provisioning and access control.
Asset Inventory
new
COMING SOON
Okta Identity Groups
Retrieves group data from Okta for identity and access management monitoring.
Asset Inventory
new
COMING SOON
Okta System Audit Logs
Ingests Okta system events for audit trail analysis and platform activity monitoring.
Identity Security
new
COMING SOON
Okta User Directory
Pulls user data from Okta, including metadata for authentication and identity correlation.
Asset Inventory
new
COMING SOON
Palo Alto Cloud Security Alerts
Collects security alerts from Palo Alto Cloud Security Posture Management
Cloud Security
new
COMING SOON
Semgrep Code Vulnerability Findings
Collects vulnerability findings from Semgrep scans for code security visibility and triage.
Application Security
new
COMING SOON
Semgrep Deployment Logs
Ingests deployment-related logs from Semgrep to monitor release behavior and enforcement.
Application Security
new
COMING SOON
Semgrep Project Metadata
Collects detailed metadata about projects from the Semgrep API for organizational context.
Application Security
new
COMING SOON
Semgrep Projects
Ingests project logs from the Semgrep API to support pipeline-level analysis and context.
Application Security
new
COMING SOON
Semgrep Supply Chain Findings
Fetches software supply chain-related findings from Semgrep to identify third-party risk.
Application Security
new
COMING SOON
Slack User Directory
Lists all users within a Slack workspace for identity resolution and user monitoring.
Asset Inventory
new
COMING SOON
Slack User Groups
Lists all user groups within a Slack workspace for role-based context.
Asset Inventory
new
COMING SOON
Snowflake Access Grants
Retrieves Snowflake access grants for auditing role-based permissions and privilege assignments.
Identity Security
new
COMING SOON
Snowflake Table
Loads data from a Snowflake table using timestamp-based tracking and scheduled extraction.
Universal
new
COMING SOON
Snowflake User Directory
Lists all users in the Snowflake system for access monitoring and identity visibility.
Asset Inventory
new
COMING SOON
Snyk Issue Findings
Collects issue data from Snyk to surface security risks related to known vulnerabilities.
Application Security
new
COMING SOON
Snyk Organization Metadata
Pulls organization metadata from Snyk for structural and access context.
Application Security
new
COMING SOON
Snyk Project Metadata
Retrieves project metadata from Snyk to support asset tracking and issue attribution.
Application Security
new
COMING SOON
Snyk Scan Targets
Ingests scan target definitions from Snyk to map coverage and exposure surfaces.
Application Security
new
COMING SOON
Socket.dev Scan Results
Collects SBOM artifacts from full scans in your Socket.dev organization.
Application Security
new
COMING SOON
Tailscale Device Inventory
Collects device inventory from Tailscale for visibility into connected tailnet endpoints.
Asset Inventory
new
COMING SOON
Tailscale User Directory
Retrieves user metadata from Tailscale to support identity and access mapping.
Asset Inventory
new
COMING SOON
Tenable Asset Inventory
Ingests asset inventory data from Tenable to support vulnerability correlation and security posture management.
Asset Inventory
new
COMING SOON
Tenable Asset Inventory Cron
Ingests asset inventory data from Tenable to support vulnerability correlation and security posture management.
Asset Inventory
new
COMING SOON
Tenable Vulnerability Findings
Pulls vulnerability findings from Tenable for risk analysis and remediation workflows.
Vulnerability Management
new
COMING SOON
Tenable Vulnerability Findings Cron
Pulls vulnerability findings from Tenable for risk analysis and remediation workflows.
Vulnerability Management
new
COMING SOON
Tines Event Stream
Collects workflow and alert events from your Tines tenant for automation visibility and monitoring.
SaaS
new
COMING SOON
Wiz Cloud Config Findings
Ingests configuration-related findings from Wiz to identify misconfigurations across cloud environments.
Cloud Security
new
COMING SOON
Wiz Cloud Resource Inventory
Ingests cloud resource metadata from Wiz for asset discovery and environment mapping.
Asset Inventory
new
COMING SOON
Wiz Issue Findings
Retrieves issue data from Wiz to support security incident tracking and investigation.
Cloud Security
new
COMING SOON
Wiz Vulnerability Findings
Pulls vulnerability findings from Wiz scans to power exposure management and triage.
Vulnerability Management
new
COMING SOON
Outputs
AWS OpenSearch
Outputs data to OpenSearch. Compatible with OpenSearch's data ingestion and querying capabilities.
Outputs
new
COMING SOON
AWS S3
Writes data to Amazon S3 buckets in various file formats (i.e., Parquet) and supporting partitioning.
Outputs
new
COMING SOON
AWS SQS
Publishes data to specified Amazon SQS queues. Supports both standard and FIFO queues.
Outputs
new
COMING SOON
AWS Security Lake
Send OCSF records to Amazon Security Lake, enabling centralized storage and analysis of security data in a standardized format.
Outputs
new
COMING SOON
Cribl HTTP Source
Sends data to a Cribl HTTP Source using standard HTTP requests.
Outputs
new
COMING SOON
Crowdstrike Falcon Next-Gen SIEM
Forwards processed data to Crowdstrike's Next-Gen SIEM.
Outputs
new
COMING SOON
Elastic NV Elasticsearch
Sends data to an Elasticsearch cluster for indexing, search, and analysis.
Outputs
new
COMING SOON
Generic Object Storage
Writes data to S3-compatible object storage services in various file formats (i.e., Parquet) and supporting partitioning.
Outputs
new
COMING SOON
Google BigQuery
Load data into your Google BigQuery project
Outputs
new
COMING SOON
Google Google Cloud MySQL
Send raw records directly to your Google Cloud MySQL Instance.
Outputs
new
COMING SOON
Google Google Cloud PostgreSQL
Send raw records directly to your Google Cloud PostgreSQL Instance.
Outputs
new
COMING SOON
Google Google Cloud SQL Server
Send raw records directly to your Google Cloud SQL Server Instance.
Outputs
new
COMING SOON
Microsoft Microsoft Azure Sentinel
Sends data to Microsoft Sentinel for querying and alerting.
Outputs
new
COMING SOON
Monad /dev/null
This output is used in testing pipelines and discards the data sent to it.
Outputs
new
COMING SOON
Monad HTTP
Delivers data via HTTP POST requests to any configurable endpoint.
Outputs
new
COMING SOON
PagerDuty
Sends events to PagerDuty for incident management and operational awareness.
Outputs
new
COMING SOON
PostgreSQL
Send raw records directly to a PostgreSQL database.
Outputs
new
COMING SOON
Snowflake
Enables seamless data transfer by batch processing messages into JSONL files and securely uploading them to Snowflake.
Outputs
new
COMING SOON
Splunk
Sends data to Splunk Cloud or Enterprise environments.
Outputs
new
COMING SOON
Sumo Logic
Sends data to Sumo Logic’s hosted or installed collectors for search and monitoring.
Outputs
new
COMING SOON
Request an integration
Let us know which integrations you’d like us to add next.
We’re all ears.
Integration Idea submitted!
Oops! Something went wrong while submitting the form.