Skip to content

Logster Documentation

Welcome to the Logster documentation site. This documentation is designed to help you understand Logster — Logster Support's AI-driven endpoint threat detection platform — its features, deployment process, and architecture.

Logster ingests system logs from Windows and Linux endpoints, analyzes them with pre-trained graph neural network models, and surfaces MITRE ATT&CK and zero-day detections through a REST API and a React dashboard. This site is your entry point to deploying, operating, and using it.

The documentation is split into two top-level sections:

  • User Guides — for SOC analysts, API consumers, and decision-makers evaluating or using Logster.
  • Technical Guides — for platform engineers, administrators, and operators who deploy, integrate, and run Logster.

User Guides

Product overviews, end-user workflows, and licensing information.

What is Logster

Understand Logster's purpose, the problems it solves, and how it differs from conventional rule-based SIEMs. Learn more.

Key Features

Get a summary of Logster's detection capabilities, MITRE ATT&CK coverage, ingestion options, and deployment models. Read the feature list.

Dashboard User Guide

Learn how to use the Logster dashboard as a SOC analyst — orienting yourself in the UI, investigating detections, and recording verdicts. Access the Dashboard User Guide.

API User Guide

Learn how to access and use Logster's REST API for seamless integration with ticketing systems, SIEMs, and automation tooling. Access the API User Guide.

Licensing Guide

Review Logster's licensing tiers — Proof-of-Concept, Enterprise, and Premium — and Logster Support's ethical license enforcement policy. Read the Licensing Guide.

Technical Guides

Architecture, installation, configuration, security, and operational references for deployers and operators.

Enterprise Architecture

Explore the end-to-end pipeline — from endpoint collectors through Kafka, normalization, GNN inference, and the alert pipeline, to the dashboard. Explore the architecture.

Admin Guide

Get detailed instructions for installing and managing Logster, including configuration parameters, log sources and their exact formats, routine operational activities, user access, and production hardening considerations. Access the Admin Guide.

Security Guide

Understand Logster's security posture — how events are validated, how auth is configured, and how to harden a deployment for production use. Read the Security Guide.

Troubleshooting Guide

Diagnose common installation, ingestion, and runtime issues, with symptom → cause → fix recipes for the most frequent failure modes. Access the Troubleshooting Guide.

Splunk Integration Guide

Integrate Logster with an existing Splunk deployment using the Splunk Universal Forwarder as the endpoint shipper for Windows and Linux hosts. Read the Splunk Integration Guide.

Model Deployment

Learn how Logster's pre-trained GNN models are packaged, loaded, and swapped in production deployments. Read the Model Deployment Guide.

About

Logster is a product by Logster Support — an AI cybersecurity intelligence firm. For licensing quotes, custom integrations, or professional services, contact Logster Support directly.