LogMan.io Warden
TeskaLabs LogMan.io Warden is a microservice that periodically performs predefined detections on parsed events stored in Elasticsearch. The Elasticsearch indices to load events from are obtained from the event lane declarations for the given tenant, which are stored in the /EventLanes/ folder in the library. The detections create alerts in the LogMan.io Alerts microservice.
The following detections are available:
- IP detection that detects IP addresses stored in a lookup