Product

SpectX is a downloadable log analysis solution that makes it quick and easy to parse and analyse unstructured data stored in different locations. It differs from all other log analytics tools because there is no data import/preparation (ETL) phase. Simply install SpectX to your desktop or server, point it to your data wherever it is stored, describe (or autodetect) the data structure and get querying using the standard SQL or a more flexible Spectx query language. 

Use cases

The ability to quickly analyse raw logs means you can rapidly get into the heart of infosec incidents and complex system failures. SpectX is also a flexible solution for enterprise application integration and preparing unstructured data for analytics. The parallel processing gives you quick, near real-time results, even when using complex queries on large datasets. See quick demo videos follow SpectX in action.

Flexible Log Parsing

SpectX pattern matching language is specifically designed to combat traditional parsing challenges. Multiple charsets and timestamp formats, calculating country codes and ASN-numbers from  IP-addresses, working with compressed data, catching unmatched bytes - SpectX allows you to flexibly describe and even the most unique and volatile datasets. 

Unlimited analytics

There is no limit to the volume of data or the number of queries you can run with SpectX. All major cloud storage providers and on-premise servers are supported as storage locations. You can also point your queries to http/https web pages. The data stays where it is, under your control, and in its original format (all textual formats, pcap and rosbag are welcome). 

Pricing

SpectX pricing depends on its processing power, i.e. the number of CPUs you allocate for running the installation. There are no extra costs for processing or users - you can process all your data with the one installation. Contact us to discuss options.

Robust architecture

Users interact with it via a web browser or a RESTful API.  Queries are processed by processing units (PUs) that can reside either in one or many physical hosts.  For a quick access to on-premise logs, we recommend installing the SpectX block data API.  

SpectX architecture scheme
To sum up, SpectX is technology built from ground-up for rapidly querying unstructured data. You can now solve analysis tasks traditionally relying on large cloud computing resources using on-premise servers or even personal computers.

Latest article

Detecting Human Behaviour on BlueCoat Proxy Logs

This is the sequel to exploring BlueCoat proxy logs. Having defined their structure I now proceed to analyse actual log content. As my knowledge of the origin of these sample logs is limited, I'll try to extract as much information about the nature of proxy deployment, user behaviour and their geographical location.

Read more