Logster Documentation
Logster is an AI-driven endpoint threat detection platform designed to detect suspicious operating system activity and anomalous user behaviors, and to help security teams investigate cyber threats in real time. This documentation is designed to help you understand Logster, its features, its deployment process, and its architecture.
Logster ingests system logs from Windows and Linux endpoints, analyzes them with a pre-trained AI detection model, and surfaces MITRE ATT&CK and zero-day detections through a REST API and a React dashboard. This site is your entry point to deploying, operating, and using it.
What is Logster
Understand Logster's purpose, the problems it solves, and how it differs from conventional rule-based SIEMs.
Key Features
Get a summary of Logster's detection capabilities, MITRE ATT&CK coverage, ingestion options, and deployment models.
UI Guide
Learn how to use the Logster dashboard as a SOC analyst — orienting yourself in the UI, investigating detections, and recording verdicts.
Whitelisting
Mark benign activity from the dashboard so the detection model stops flagging it — using shape or strict matching.
Licensing Guide
Review Logster's UAT license — its duration and event limits — and Logster Support's ethical license enforcement policy.
Admin Guide
Deploy and operate Logster using the packaged two-node appliance — hardware requirements, the App Node and GPU Node, licensing, and connecting Windows endpoints.
About
Logster is a product by Logster Support — an AI cybersecurity intelligence firm. For licensing quotes, custom integrations, or professional services, contact Logster Support directly.