How it works / In summary



Collect and Parse

The DNIF library has parsers ready to ingest data from all types of devices, including network elements that generate syslog, servers that generate text logs, and applications that generate HTTP logs. Data is enriched at the time of ingestion and indexed as it is stored in the Big Data store.



Store and Index

DNIF's data store is located inside the organization’s network, secure from external threats and ready to respond with low latency. Multiple data stores can be set up, providing horizontal scalability without setting up additional instances or other components of the DNIF platform.



Analyze and Correlate

The correlator, powered by the DQL engine, works in tandem to:

  • Generate data for custom queries
  • Power-up dashboards with relevant visualizations
  • Raise modules internal to DNIF or trigger external systems to act on correlated events

The DQL console is your command centre to hunt down threats which impact your organization.

How it works / at Scale


The DNIF platform and its components are designed to scale up and down seamlessly without breaking operations. All components are individually scalable, either by load balancing or by clustering, which also brings redundancy to the infrastructure. The analytics bench or the handlers desk connects directly to the datastore cluster to query and retrieve data.

How it works / in Depth



Receive Events

Agents collect data from a variety of data sources. Devices: network devices, servers, applications, DLP/IDS/IPS engines, BYOD platforms. Formats: Syslog, Text Files, HTTP, WMI, SQL, APIs.



Extract Fields

Custom and pre-made parsers ingest data from various devices into DNIF’s Big Data store.



Add Context

Enrich the ingested files with geographic data, threat intelligence, and custom data fields such as user/session IDs.



Organize and Store

Index the data once it is ingested in the Big Data store.



Seamless Growth

Your data spreads through a horizontally scalable data store architecture without requiring any redeployment.



Execute Rules

Data is baselined to a common standard and pre-existing rules are run on the data for primary correlation.



Visualize and Hunt

Use the DQL console to analyse data, hunt threats proactively, or define new rules to set up reactive triggers. Display them on dashboards using widgets.


Respond / Orchestrate

Auto Remediate

Trigger automated response systems that integrate with external services or devices.