Gravwell is an enterprise data fusion platform that enables security teams to investigate, collaborate, and analyze data from any source, on demand, all with unlimited data collection and retention. Ingest everything. Investigate anything.
Technical Walkthrough: Analyze Windows and Sysmon Events
This is a technical walkthrough of a proof-of-concept evaluation using Gravwell to collect, search, and analyze Windows and Sysmon events. We’re primarily interested in testing functionality, not scalability, so the VM will start at a modest size with an expected ingest rate of 50-100 GB/day of events or less.