Skip to content

Logster Documentation

Logster is an AI-driven endpoint threat detection platform designed to detect suspicious operating system activities, detect anomalous user behaviors, and help security teams investigate cyber threats in real time. Logster uses cutting-edge AI algorithms to energize its threat detection, in contrast to legacy threat detection solutions (SIEM, EDR).

Logster ingests native security logs from Windows and Linux endpoints, analyzes them with the pre-trained AI detection model, uncovers hidden TTPs (Tactics, Techniques, and Procedures) explained in the MITRE ATT&CK framework, and also discovers cutting-edge attacker behaviours found in different cyber attack campaigns. It surfaces these detections through a REST API and a statistical console.


Key Features

Get a summary of Logster's detection capabilities, MITRE ATT&CK coverage, ingestion options, and deployment models.

Admin Guide

Deploy and operate Logster using the packaged two-node appliance — hardware requirements, the App Node and GPU Node, and connecting Windows and Linux endpoints.

User Guide

Learn how to use the Logster platform as a SOC analyst — orienting yourself in the UI, investigating detections, and recording verdicts.

Licensing Guide

Review Logster's license (duration, event thresholds) and Logster's ethical license enforcement policy.


About

Logster is a product by Logster Support — an AI cybersecurity intelligence firm. For licensing quotes, custom integrations, or professional services, contact Logster Support directly by emailing info@logster.ai.