Meet the backbone of your SOC infrastructure.

ACKLOG is a SIEM product specialized in supporting SOC operations which has a strong correlation engine and a scalable architecture.

ACKLOG is designed from the ground up with a highly scalable architecture. It inherits powerful technologies, allowing it to scale horizontally and process large amounts of log messages for real-time alert creation.

Usability is at the heart of every function: easy parsing configuration, direct conversion of search results into reports, scheduled alerts and dashboard widgets, a search box with keyword highlighting and field name completion, and a powerful grammar that lets users build analytical queries with ease.

Scalability and Performance

Cluster server architecture

ACKLOG can be deployed as either a standalone server or a cluster. Cluster architecture enables users to simply adapt to their changing requirements without having to repeat the installation, configuration, and customization processes.

Scalable microservices application architecture

The modern microservices application architecture enables users to bypass bottlenecks in a matter of seconds. Users can optimize their resource utilization by observing and adapting to fluctuating workloads.

Workload visibility

ACKLOG enables users to be aware of the system's load by providing cluster-wide CPU, RAM, disk space utilization, and queue status statistics.

Monitoring system resource availability

ACKLOG notifies its users of impending capacity constraints prior to the occurrence of shortages.

Intuitive User Experience

Visibility of the collected data

ACKLOG enables users to observe the field names of the logs collected from any or all nodes. In addition, the values of specific fields are readily accessible to users.

Advanced search box and search utilities

Fieldname and query keyword completion features speed up the creation of queries. Users can save their favorite queries for future use, as well as view and use their previous queries.

Converting your searches directly into reports, widgets, and scheduled alerts

ACKLOG uses its search module as the starting point for reports, widgets, and scheduled alerts, so that a design is built on a search result the user has already verified as accurate.

Ingesting custom logs and testing your parsing configuration easily

ACKLOG offers configurable custom parsing capabilities that can parse virtually any log string. Neither external support nor system updates are required for users to import and parse their custom logs.

Advanced visualization and dashboard capabilities

The search module automatically checks to see if the results of a search query can be turned into different kinds of charts. The user can choose any of those charts to create a widget.

Effective Alerting and Threat Hunting

Powerful query grammar supporting data transformation and aggregation

ACKLOG provides its users with a powerful and user-friendly query grammar. The grammar is designed with requirements for threat detection in mind.

Real-time alert capability for fast alerting

ACKLOG analyzes log data streams in flight, supports correlation rules that can accommodate extremely complex attack detection scenarios, and is scalable like all other ACKLOG services.

Scheduled alerts for leveraging analytical search capabilities

While real-time alerting allows for extremely rapid detection of attacks, scheduled alerts are created to leverage the power of analytic search queries.

Utilizing extensive intelligence lists with the matching service

ACKLOG matches very large intelligence lists at high speed against the log messages originating from specified log sources.

Compliance and Investigation Support

Log signature and verification features

Users can use digital signing to satisfy log integrity assurance requirements and improve the credibility of investigations relying on the collected logs.

Exporting and importing logs to satisfy long-term retention requirements

ACKLOG has log forwarding, snapshotting, and exporting capabilities to facilitate log sharing and long-term retention requirements.

Various methods for sharing selected logs with third parties

Users can send parsed and enriched logs directly to third-party systems or share exported log files in bulk.

Monitoring steady log flow from critical sources

ACKLOG offers several methods for monitoring the healthy flow of log messages from specific log sources. Users can create scheduled alerts to be informed of connection or other problems that prevent log messages from being collected properly, or view the latest log ingestion times whenever they wish.