Logs are critical in information security, but the amount of data they generate is huge and existing solutions for managing them are expensive. LimaCharlie can now automatically collect logs and store them for a full year, with no configuration and without installing another agent. And yes, you can even send logs to LimaCharlie manually.
LimaCharlie can consume logs from any OS. Logs can be unstructured (no parsers necessary), and we even support pcap and Windows logs.
With this new capability you can search, visualize and correlate over a full year of log and endpoint data.
Detailed documentation on this new capability can be found here.
Coming soon: LimaCharlie’s powerful detection and response rules will be extended to cover logs in addition to EDR data, which will allow you to build detections and automations based on logs.
With the addition of log ingestion and correlation, LimaCharlie makes the promise of Security Infrastructure as a Service a reality.