
Logster Documentation
Logster is an AI-driven endpoint threat detection platform designed to detect suspicious operating system activities, detect anomalous user behaviors, and help security teams investigate cyber threats in real time. Logster uses cutting-edge AI algorithms to energize its threat detection, in contrast to legacy threat detection solutions (SIEM, EDR).
Logster ingests native security logs from Windows and Linux endpoints, analyzes them with the pre-trained AI detection model, uncovers hidden TTPs (Tactics, Techniques, and Procedures) explained in the MITRE ATT&CK framework, and also discovers cutting-edge attacker behaviours found in different cyber attack campaigns. It surfaces these detections through a REST API and a statistical console.
Key Features
Get a summary of Logster's detection capabilities, MITRE ATT&CK coverage, ingestion options, and deployment models.
Admin Guide
Deploy and operate Logster using the packaged two-node appliance — hardware requirements, the App Node and GPU Node, and connecting Windows and Linux endpoints.
User Guide
Learn how to use the Logster platform as a SOC analyst — orienting yourself in the UI, investigating detections, and recording verdicts.
Licensing Guide
Review Logster's license (duration, event thresholds) and Logster's ethical license enforcement policy.
About
Logster is a product by Logster Support — an AI cybersecurity intelligence firm. For licensing quotes, custom integrations, or professional services, contact Logster Support directly by emailing info@logster.ai.