Integrate any log source, any format, without configuration
Cut host onboarding times to a third. Onboard all log types, understand formats, and add context without breaking a sweat.
Native connectors for any type of integration you might need
Start collecting data without any configuration needs. Just point your logs, no device setup, no parser selection... it's that easy.
Ready integrations for a wide category of log sources, COTS technologies, custom applications and cloud services
Support for various network protocols such as syslog (over TCP and UDP), SNMP, WMI, SCP, FTP, NetFlow
Agent-based and agentless integration mechanisms, with support for third-party log forwarding tools
API connector framework allows users to integrate with any cloud SaaS
Readily available parsers for widely used technologies, with the ability to create customized parsers for all kinds of user-specific applications.
Open log parsing framework with reference parsers for most widely used technologies
Parser customization workflows to create, edit and test parsers according to specific needs
Automatic parsing for JSON objects and key-value pair log types without any coding effort
Simple YAML-file-based field mapping to the DDM framework to associate application outcomes to existing threat models
Data enrichment gives context to the events and significantly reduces time to action. Build custom policies to retain and query the data you want.
Real-time data contextualization using the native enrichment feature
Full support for a wide variety of enrichments such as Machine Readable Threat Intelligence (MRTI), GeoFeeds and lookups
Support for any external source such as Active Directory, HRMS, CMDB Systems, Vulnerability Platforms
Support for various sources such as STIX/TAXII, API-based feeds, CSV files
Out-of-the-box support for more than 350 log sources, OT/IoT devices and cloud services
Auto-identification of log sources using the DNIF log matching algorithm. Just forward logs and DNIF takes care of the rest.
DNIF Parser and Plugin Support Policy provides future protection for customers by providing reference parsers for unsupported COTS technologies
Leverage the power of the DNIF community in working with a wide spectrum of technologies