Configure Searches to periodically run against a variety of data sources. You can define a custom pipeline of Filters to manipulate any generated Alerts and forward them to multiple Targets.
Review and manage Alerts through the web interface. You can apply Renderers to alerts to enrich them with additional metadata.
- You want to detect when certain log lines show up in ES.
- You want to detect when a Graphite metric changes.
- You want to detect when a server stops responding.
- You want to manage alerts through a simple workflow.
And much more!
See the Table of Contents for a list of documentation pages.
If you have any questions, feel free to ask on Gitter. You can also contact us on Twitter at @sixhundredns and @kennysan.
- CaC post
- Defcon presentation
- Slides
- Demo (User: user, Pass: user)
Check out the contribution guidelines.
411 is released under the MIT License.