RunReveal
Contact
RunRevealDiscordDiscord
  • Introduction
  • How To Guides
    • Collecting Nginx Logs
    • Kubernetes Logs
    • Getting Started
  • Sources
      • AWS S3 Bucket
      • AWS S3 with custom SQS
      • Azure Blob Storage
      • Google Cloud Storage
      • R2
      • 1Password
      • Atlassian
      • Auth0
        • ALB
        • CloudTrail
        • DNS
        • Flow
        • GuardDuty
        • Hosted Zone
        • Activity Logs
        • Entra
        • Azure Flow
      • Cloudentity
        • Audit
        • Gateway DNS
        • Gateway HTTP
        • HTTP
        • Falcon Data Replicator
        • Event Streams
      • DNSFilter
      • Dropbox
      • Fluent Bit
      • GCP
      • Generic Sources
      • GitHub
        • Audit Logs
        • Webhook Events
      • GitLab
      • Google Workspace
      • JAMF
      • Keeper Security
      • Kubernetes Audit Logs
      • MongoDB
      • Notion
      • Obsidian Security
      • Okta
      • Palo Alto Panorama Traffic
      • Reveald
      • SentinelOne
      • Sophos
      • Structured Webhooks
        • Audit
        • Flow
      • Teleport Cloud Audit Logs
      • Zendesk
      • Jumpcloud
  • Transforms
  • Filtering
  • Detections
    • Writing a SQL Detection
    • Sigma Streaming
    • Detection as Code
      • Getting Started
      • Export Detections
      • Uploading Detections
      • Deployment
  • Enrichments
    • Loading Rules From CSV
    • Using the API
  • Notifications
    • Email Notifications
    • Slack Integration
    • PagerDuty Integration
    • Jira Integration
    • Webhooks
    • Tines Integration
    • Notification Templates
    • History API
  • Integrations
    • Grafana Integration
    • Jupyter Notebooks
  • Reference
    • Logs API
    • Using the CLI
    • Role-Based Access Control
    • Model Context Protocol
  • Bring Your Own Cloud
    • Deployment
    • Authentication
    • RunReveal Query
    • RunReveal Scheduler
      • Schedule Types
  • Release Notes
    • 2024 Release Notes
    • v2025.4.29
    • v2025.4.28
    • v2025.4.27
    • v2025.4.26
    • v2025.4.25
    • v2025.4.24
    • v2025.4.23
    • v2025.4.22
    • v2025.4.21
    • v2025.4.20
    • v2025.4.19
    • v2025.4.18
    • v2025.4.17
    • v2025.4.16
    • v2025.4.15
    • v2025.4.14
    • v2025.4.13
    • v2025.4.12
    • v2025.4.11
    • v2025.4.10
    • v2025.4.9
    • v2025.4.8
    • v2025.4.7
    • v2025.4.6
    • v2025.4.5
    • Release V2025 4 X
    • Release V2025 5 1
    • Release V2025 5 10
    • Release V2025 5 11
    • Release V2025 5 12
    • Release V2025 5 13
    • Release V2025 5 14
    • Release V2025 5 15
    • Release V2025 5 16
    • Release V2025 5 17
    • Release V2025 5 18
    • Release V2025 5 19
    • Release V2025 5 2
    • Release V2025 5 20
    • Release V2025 5 21
    • Release V2025 5 22
    • Release V2025 5 23
    • Release V2025 5 24
    • Release V2025 5 25
    • Release V2025 5 26
    • Release V2025 5 27
    • Release V2025 5 28
    • Release V2025 5 29
    • Release V2025 5 3
    • Release V2025 5 30
    • Release V2025 5 31
    • Release V2025 5 32
    • Release V2025 5 33
    • Release V2025 5 34
    • Release V2025 5 35
    • Release V2025 5 36
    • Release V2025 5 37
    • Release V2025 5 38
    • Release V2025 5 39
    • Release V2025 5 4
    • Release V2025 5 40
    • Release V2025 5 6
    • Release V2025 5 7
    • Release V2025 5 8
    • Release V2025 5 9

On This Page

  • Ingest Methods
Question? Give us feedback →Edit this page
SourcesSource TypesGeneric Sources

Generic Log Sources

Generic log sources allow you to send any type of event to RunReveal.

Ingest Methods

RunReveal offers the following ways to ingest Generic log sources:

  • Azure Storage Account
  • AWS S3
  • AWS S3 Bucket with Custom SQS
  • Google Cloud Storage
  • Webhooks

If using an AWS S3 bucket use the following SNS topic ARN to send your bucket notifications.

arn:aws:sns:<REGION>:253602268883:runreveal_generic
GCPGitHub
RunReveal docs