KB

Working with Services

This section helps you to manage and monitor the services of PICO. How to view PICO Services? You can edit the name of the component on the top left corner of the screen using the Edit icon and then click Save, to save the component name. Icon Description Click this icon to list the services of the PICO […]


Automation

Overview DNIF is a strong automation platform that enhances security operations with security analytics and security automation. Multiple third-party endpoints can be integrated with existing applications, simplifying interoperability with a range of third-party applications. These integrations enable automated actions and workflows across antivirus tools, DLP, IAM tools, web proxy, SIEM, third-party intelligence, email security, operating


Search API

The DNIF Search API lets you develop an application that can retrieve and display results with the desired DQL query programmatically. With this API, you can use RESTful requests to get search results for multiple streams with desired start and end time. Prerequisites Ensure you have the following details before using the DNIF Search API


Data Privacy Policy

‘DNIF HYPERCLOUD SIEM’ is a data analytics software (“Software”) developed and owned exclusively by NETMONASTERY Network Security Private Limited, a private company limited by shares, incorporated under the (Indian) Companies Act, 1956 and having its registered office at 2nd Floor, Reliable House, Kanjur Marg (w), Mumbai – 400079 (“NETMONASTERY”). The term “SaaS Services” means the Software


DNIF End-user License Agreement

‘DNIF HYPERCLOUD SIEM’ is a data analytics software developed and owned exclusively by NETMONASTERY Network Security Private Limited, a private company limited by shares, incorporated under the (Indian) Companies Act, 1956 and having its registered office at 2nd Floor, Reliable House, Kanjur Marg (w), Mumbai – 400079 (hereinafter referred to as ‘NETMONASTERY’). This DNIF Software as a Service


Query multiple streams

The DNIF Query Language lets you query multiple streams separated by a comma. Syntax The syntax for querying multiple streams is as follows: stream = stream_name1,stream_name2, stream_name3 Here, the keyword stream is a standard DQL keyword used to retrieve data. stream_name1, stream_name2, and stream_name3 are the names of the streams from which the data will


Query by source name

The DNIF Query Language supports querying by source name. Data from a specific source is written to one or more streams, and when you query by source name, all streams associated with that source are included in the query. Syntax The syntax for querying by source name is as follows: sourcename = source_name Here, sourcename is the


Schema on Read

Introduced in v9.2.0 Access Structured Data in your logs without Extraction. With DQL, you can now access JSON and structured Key Value fields without extraction. JSON For JSON logs you can add @ prefix i.e. @fieldname to extract the field details of that particular column. Example 1 stream=cloudtrail | select @type,@userIdentity.type This query will retrieve all


Schema on Read (Legacy)

Introduced in v9.1.1 Phase I Access Structured Data in your logs without Extraction. With DQL, you can now access JSON and structured Key Value fields without extraction. JSON For JSON logs you can add @ prefix i.e. @fieldname to extract the field details of that particular column. Example 1 _fetch @userIdentity.type from event where $Stream=CLOUDTRAIL
