Skip to content
Cloud-Native SIEM, User analytics and Automation | DNIF HYPERCLOUD | DNIF
  • PLATFORM
    • WHY US
    • Integrations
  • SOLUTIONS
    • LOG MANAGEMENT
    • SIEM
  • PRICING
  • RESOURCES
    • KNOWLEDGE BASE
    • BLOG
    • DARC NOTES
    • About Us
    • Contact
SCHEDULE A DEMO
SCHEDULE A DEMO
Cloud-Native SIEM, User analytics and Automation | DNIF HYPERCLOUD | DNIF
  • PLATFORM
    • WHY US
    • Integrations
  • SOLUTIONS
    • LOG MANAGEMENT
    • SIEM
  • PRICING
  • RESOURCES
    • KNOWLEDGE BASE
    • BLOG
    • DARC NOTES
    • About Us
    • Contact
Hello. How can we help you?

DEVICE INTEGRATION

  • Palo Alto (Device Integration)
  • Dell Cylance Endpoint
  • McAfee Web Gateway
  • Imperva WAF
  • Darktrace
  • Forescout CounterACT
  • Juniper Cortex Threat
  • Zscaler
  • Sophos
  • Sophos Endpoint
  • Trend Micro
  • Sophos Cyberoam Firewall
  • Radware-WAF
  • NetScaler WAF
  • Ubuntu
  • Juniper SRX
  • Forcepoint Websense
  • FireEye
  • Forcepoint DLP
  • F5 BIG-IP ASM
  • CyberArk PIM
  • CheckPoint
  • Bluecoat Proxy
  • Accops Hyworks
  • Barracuda WAF Syslog
  • Forwarding F5 Distributed Cloud Services Logs to DNIF over TLS
  • JIRA CLOUD
  • Aruba ClearPass

  • CISCO

    • Cisco ACS
    • Cisco FirePOWER
    • CISCO Network OS
    • CISCO ASA

  • FORTINET

    • FortiManager
    • FortiWeb
    • FortiGate

  • MICROSOFT

    • Windows Sysmon and NXLog
    • MS SQL
    • IIS

  • SYMANTEC

    • Symantec AV
    • Symantec ATP

CONNECTORS

  • Connector Validation
  • How to Configure Connectors?
  • How to Add a Connector?

  • SUPPORTED CONNECTORS

    • 1Password Connector
    • Abnormal Security
    • Akamai Netstorage
    • Atlassian
    • Auth0 Connector
    • AWS CloudTrail
    • AWS Kinesis
    • AWS S3
    • AWS S3 (Optimized)
    • AWS S3 Optimized Cross Account Connector
    • Azure Blob Storage Connector
    • Azure Event Hub
    • Azure NSG
    • Beats
    • Box
    • Cisco Duo
    • Cloudflare Logpull Connector Setup Guide
    • CloudWatch Connector
    • Cortex XDR
    • CrowdStrike
    • Cyble Vision
    • Device42
    • Dropbox Connector
    • GCP
    • GCP PUB/SUB
    • GitHub
    • Google Workspace
    • Haltdos
    • HTTP Connector
    • Hub Spot Connector
    • Indusface
    • Jira Connector
    • Microsoft Graph Security API
    • Microsoft Intune
    • Mimecast
    • Netflow
    • Netskope Connector
    • Network Traffic Analysis
    • NextDLP Reveal
    • Office 365
    • Okta
    • OneLogin
    • Orca
    • PICO Legacy Connector
    • Prisma Alerts
    • Prisma Incidents
    • Salesforce
    • Salesforce Pub/Sub Connector
    • Shopify Connector
    • Slack
    • Snowflake
    • Snyk Connector
    • Syslog
    • TCP
    • Tenable Vulnerability Management Connector
    • TLS
    • Trend Micro Audit Logs
    • Workday HCM Connector
    • Zendesk
    • Zoom
    • Jumpcloud Connector
    • Sophos connector
    • Tenable Security Center Connector
    • AWS GuardDuty Connector
    • Trend Micro Vision One Connector
    • RediffMail Pro Connector
    • Microsoft Sentinel
    • Microsoft Exchange Online Connector

DATA INGESTION

  • Windows Event Logs
  • Syslog (Data Ingestion)

  • EXTRACTORS

    • How Extractors work?
    • Custom Extractors
    • Extractor validator
    • View an Extractor
    • Understanding Extractors
    • Guidelines for Sanitizing Log Samples

  • ENRICHMENT

    • Define Custom Enrichment Bucket
    • Enrichment
    • View Enrichment

  • ENRICHMENT EXAMPLES

    • UBA: Coalescing User Identities
    • Flag matches with GreenSnow ThreatIntel
    • Enrich DevSrcIP with Asset Store
    • Flag Risky User Activities

HUNTING WITH WORKBOOKS

  • GETTING STARTED

    • Your first FIND with the HYPERCLOUD
    • Create a Search Block
    • Create a Signal Block
    • Create a Text Block
    • Create an Outlier Block
    • Create a DQL Block
    • Create an SQL Block
    • Create a Code Block
    • Create a Visual Block
    • Create a Call Block
    • Create a Return Block
    • Create a Notification Block
    • Schedule a Workbook
    • Native Workbook
    • Workbook Functions
    • How to view Workbooks?
    • Add Parameters to Workbook
    • Working with Pass through Content
    • How to create a Workbook?
    • Workbooks

  • VISUALIZATION

    • Bipartite Chord
    • Availability Timeline
    • Bubble Chart

DNIF Query Language (DQL Language)

  • SCHEMA ON READ

    • Schema on Read

  • QUERY MULTIPLE STREAMS

    • Query multiple streams

  • QUERY BY SOURCE NAME

    • Query by source name

  • PIPES

    • Timeslice
    • Select
    • Limit
    • Last
    • Having Clause
    • Groupby
    • First
    • Duration

  • OVERVIEW

    • Overview

  • FUNCTIONS

    • Wildcard
    • Sum
    • Regex Match
    • Ratio_of
    • Percentage_of
    • Not Clause
    • Min
    • Max
    • Length
    • Distinct_count
    • Distinct
    • Count_if
    • Avg

  • DQL (LEGACY)

    • Schema on Read (Legacy)
    • _trigger
    • _store
    • _sort
    • _retrieve
    • _lookup
    • _limit
    • _fetch
    • _export
    • _checkif
    • _agg

  • DQL RIGHT FROM START

    • DQL – Right from the start

  • DQL CHEATSHEET

    • DQL CHEATSHEET

  • BASIC SYNTAX

    • Basic Syntax

SECURITY MONITORING

  • Streamline Alert Analysis with Signal Tagging
  • Workbook Versioning: Track, Collaborate, and Restore with Ease
  • What is Security Monitoring?
  • Creating Signal Suppression Rules
  • Why EBA
  • Signal Suppression Rule

  • INVESTIGATE SIGNALS

    • What are signals?
    • View Signal Context Details
    • Suspect & Target
    • Source Stream
    • Signal Filters
    • Signal Data export
    • Signal Context Details
    • Signal Confidence Levels
    • Raise and View Signals
    • Investigate Anywhere
    • How to add a signal to a case?
    • Graph View for Signals
    • Global Signals
    • False Positives
    • Add Multiple Signals to a Case
    • Add comment to the signal

  • CASE MANAGEMENT

    • Case Lifecycle
    • Case Management Overview
    • Create a Case
    • Export Case Data
    • Key Metrics – MTTD,MTTA & MTTR
    • Kill Chain Model
    • Manage Cases
    • Search and Filter Cases
    • View Cases

  • MITRE ATT&CK

    • Detection Coverage on MITRE ATT&CK framework
    • MITRE ATT&CK® and DNIF
    • MITRE ATT&CK Overview
    • Signal Activity mapped to MITRE ATT&CK framework

OPERATIONS

  • Two – Factor Authentication (2FA)
  • Slow Queries
  • SAML Authentication Support
  • Managing Streams
  • Manage Token
  • Machine Learning
  • LDAP Authentication
  • Geo Enrichment
  • Event Stores
  • Collection Status
  • Change Task Timeouts

MANAGE DASHBOARDS

  • Create a Dashboard

MANAGE REPORTS

  • View Reports
  • Schedule a report
  • Invoke/Revoke a report
  • Create a Report

USER MANAGEMENT & ACCESS CONTROL

  • DNIF Entities

  • MANAGE TENANTS AND ACCESS

    • View Tenant & Edit Tenant
    • Manage Tenant User
    • Manage Tenant Administrator
    • Manage Role-based Access

  • MANAGE ORGANIZATION AND USERS

    • View Users
    • Reset MFA
    • Password Policy
    • Organization Audit Trail
    • Enable or Disable a User
    • Edit Organization
    • Delete a User
    • Create & Edit Users
    • Reset a User's Password
    • Manage Users

BILLING

  • Pricing to billing, how it works
  • Calculating overage

MANAGING YOUR COMPONENTS

  • PICO

    • Working with Services
    • Notification for PICO and Data Source events

GETTING STARTED

  • Quick Start Guide
  • Pre-Requisites Audit
  • Before You Begin

INSTALLATION

  • PICO Installation

SOLUTION DESIGN

  • Scaling Datanodes
  • Scaling Adapters
  • Minimum Requirements
  • Hardware Benchmarks

AUTOMATION

  • Automation

  • SUPPORTED AUTOMATION

    • Active Directory
    • AlienVault
    • Asset Store
    • ClickSend
    • Domain Tools
    • Fortigate
    • GreenSnow
    • JiraServiceDesk
    • Microsoft Teams Channel
    • New Relic
    • Opsgenie
    • PagerDuty
    • Palo Alto
    • ServiceNow
    • Slack Configuration
    • TAXII
    • Trend Micro
    • URLhaus
    • User Store
    • Virustotal
    • Webhook

  • SUPPORTED AUTOMATION SSH

    • Secure Compromised User Account
    • SSH Configuration

TROUBLESHOOTING AND DEBUGGING

  • Troubleshooting Connector Validations
  • Troubleshooting Automations
  • PICO
  • Adapter Safeguards

  • TROUBLESHOOTING CONNECTORS

    • TLS ( Troubleshooting Procedure)
    • TCP (Troubleshooting Procedure)
    • Syslog (Troubleshooting Procedure)
    • Salesforce ( Troubleshooting Procedure)
    • PICO
    • Office 365 (Troubleshooting Procedure)
    • GSuite
    • GCP (Troubleshooting Procedure)
    • Beats (Troubleshooting Procedure)
    • Azure NSG ( Troubleshooting Procedure)
    • Azure Eventhub
    • AWS S3 (Troubleshooting Procedure)

LICENSE MANAGEMENT

  • Term Based Software Subscription

RELEASE NOTES

  • January 19,2026 – Content Update
  • December 23, 2025 – Application Update
  • December 4,2025 – Content Update
  • November 27, 2025 – Application Update
  • October 28, 2025 – Content Update
  • August 20, 2025 – Content Update
  • August 5, 2025 – Application Update
  • July 15, 2025 – Content Update
  • June 13, 2025 – Content Update
  • May 21, 2025 – Content Update
  • April 17, 2025- Content Update
  • March 25, 2025- Content Update
  • March 18, 2025 – Application Update
  • March 5, 2025 – Application Update
  • January 27, 2025 – Application Update
  • January 29, 2025 – Content update
  • December 30, 2024 – Content Update
  • December 12, 2024 – Content Update
  • December 3, 2024 – Application Update
  • November 15, 2024 – Content Update
  • October 26, 2024- Application Update
  • October 23, 2024 – Content Update
  • October 16, 2024 – Application Update
  • September 04, 2024 – Application Update
  • September 04, 2024 – Content Update
  • August 27, 2024 – Application Update
  • July 30, 2024 – Application Update
  • June 04, 2024- Application Update
  • April 24, 2024- Application Update
  • March 26, 2024 – Application Update
  • February 19, 2024 – Application Update
  • January 09, 2024 – Content Update
  • January 09, 2024 – Application Update
  • November 27, 2023 – Content Update
  • November 27, 2023 – Application Update
  • October 05, 2023 – Application Update (Release Notes v9.3.3)
  • May 30, 2023 – Application Update (Release Notes v9.3.2)
  • November 29, 2022 – Application Update (Release Notes v9.3.0)

API

  • Search API

POLICIES

  • The DNIF HYPERSCALE Lifecycle and Release Cadence
  • Support Handbook
  • Service Limits for DNIF Cloud
  • Active Threat Content Synchronization

SECURITY BULLETINS

  • Apache Log4j CVE-2021-44228

BEST PRACTICES

  • Advanced Telemetry for Windows

DNIF AI

  • Getting Started with DNIF AI

    • Getting Started with DNIF AI

  • Extractor Generator

    • Extractor Generator Overview

DNIF LEGAL AND SECURITY COMPLIANCE

  • DNIF END-USER LICENSE AGREEMENT

    • DNIF End-user License Agreement

  • DATA PRIVACY POLICY

    • Data Privacy Policy

DNIF Logo

Machine Data Analytics
for EVERYONE

PLATFORM

How it Works

Why Us

Integrations

Pricing

SOLUTIONS

Log Management

SIEM

RESOURCES

Darc Notes

Blog

Knowledge Base

COMPANY

About Us

Contact Us

© 2026 NETMONASTERY SYSTEMS INC. All rights reserved.

Privacy Policy    |    Cookie Policy    |     Terms and Conditions