Managed SIEM

Ingest powershell data for auditing and detection purposes. Malicious PowerShell scripts are commonly used by threat actors to run silent actions in the background.

Collect, parse, and store logs from Azure, AWS, and Google Workspace

Track PowerShell modules and scripts to identify anomalous/malicious activity

Support full log collection for both MacOS and Linux systems to be able to have a Customers entire infrastructure able to be covered with Managed SIEM.

If a server is configured as DNS server ingest the logs for the service. This is listed in CIS v8.1, Safeguard 8.6.

Collect, parse, and store activity logs from DattoRMM.

Ingest access logs from things like Screenconnect, Kaseya, Nable, Auvik, Datto RMM etc etc that MSP's use to admin their clients.