News provided by
Oct 14, 2024, 10:00 ET
Open Source eBPF Syslog Toolkit Released
NEW YORK, Oct. 14, 2024 /PRNewswire/ — Tarsal, the pioneering force behind advanced security data movement, is proud to announce a major enhancement to its groundbreaking open-source project, kflow. This extended Berkeley Packet Filter (eBPF)-based agent now includes robust syslog capture and forwarding capabilities, redefining how organizations manage unstructured log data.
With this powerful new toolkit, dubbed kflow, all organizations have a comprehensive application that not only captures and monitors complex endpoint and kernel events in real-time but also efficiently forwards syslog data to destinations of choice, such as an Amazon S3 bucket or Webhook, making it easier for security teams to aggregate, analyze, and respond to security incidents. This development opens the door to simplified log management for enterprises seeking seamless integration between high-performance system monitoring and existing log analytics platforms.
By integrating syslog forwarding into the native ETL, Tarsal extends its real-time event capture to support structured and unstructured data from various sources, offering unprecedented visibility across endpoints, containers, and cloud workloads. Tarsal’s open-source log forwarder is specifically designed for the modern threat landscape, where rapid access to endpoint data is critical. This enhancement allows security teams to leverage streaming security data to stay ahead of cyber threats.
“We’re taking an essential step forward in how security data is collected and processed,” said Barrett Lyon, CTO of Tarsal. “Adding syslog forwarding to the Tarsal ETL not only streamlines unstructured log data collection but also empowers organizations with deeper insights into system activity, enabling more proactive threat detection and response.”
A New Era of Data Movement: kflow’s ability to leverage eBPF technology means that organizations can also analyze data before encryption takes place, offering unmatched insights into system behavior without the need for traditional network taps. This latest update enhances the platform’s zero-trust approach to data movement, ensuring that security teams can identify and respond to malicious activity faster than ever before.
Designed with scalability and efficiency in mind, kflow with syslog forwarding fits seamlessly into existing ETL pipelines and supports integration with SIEM platforms like Splunk, Snowflake, and open-source tools such as ELK.
In addition to the syslog toolkit, Tarsal has also released a new batch of native sources (also called “Connectors”) that can be ingested natively into its ETL. Tarsal is now supporting new audit logs from sources such as OpenAI, Salesforce, Slack, ServiceNow, and Atlassian.
kflow is available via the GIT repository; to learn more about Tarsal, visit www.tarsal.co/kflow
About Tarsal
A remote-first-company established in late 2022, Tarsal is the security data management company, providing security teams with visibility into all of their threat vectors. Our solution seamlessly connects and normalizes log data, empowering organizations with total data access and cost-efficient, smart data movement. Tarsal’s technology breaks down silos, reduces vendor lock-in, and allows security teams to get the visibility they need.
Media Contact
media@tarsal.co
SOURCE Tarsal