Log Analyzer

SpectX is software for parsing and analysing raw logs and any other unstructured data.  With it, security analysts can quickly dig into any volumes of data and find the root cause of an incident, suspicious activities in their systems or simply a couple of specific records they need. Even if it's unique data you've never met before, SpectX makes it easy to parse, enrich and join the data to get quick visibility into whatever is going on.

Quickly from an idea to results 

You can now solve analysis tasks traditionally relying on large cloud computing resources using on-premise servers or even your desktop. The key here  - SpectX skips the ingestion/ indexing phase. Plaintext log files don't have to be imported first. Simply download and point SpectX to your data and get querying.
The underlying parsing engine allows you to play around with typified records in seconds instead of hours or even days. The average parsing speed being 350 megabytes per second per CPU core. 

Parse even the most unique and volatile logs

There's no regex involved, instead, you can only describe the fields you need for that specific query with an intuitive pattern matching language. Multiple charsets and timestamp formats, calculating country codes and ASN-numbers from  IP-addresses, working with compressed data, catching unmatched bytes - SpectX allows you to flexibly describe even the most unique and volatile datasets.

No volume limits. Unlimited users

A SpectX installation makes all the data you have access to, instantly analysable. As there is no ingestion, there's also no price tag on volumes or the need to plan resources for indexed data. On-prem, cloud, Hadoop clusters, JDBC-databases, production servers, Elastic clusters or anything that speaks http - SpectX gives you a quick unified view of all these storages and technologies.

API to give you wings

In addition to the browser-based interface, every query can be easily executed via the RESTful API. This opens the doors to flexible query automation and enterprise application integration. Users can insert parameters via the API (eg. customer ID or) and get a limited result they're allowed to see. Naturally, SpectX produces logs of its own so all the queries and activities of your users are auditable.

To learn more and see whether SpectX is a fit for your specific use case, book a demo or explore the documentation and play around with the 30-day trial.

Latest article

Parsing Windows 2008 DNS Debug Logs

Parsing Windows DNS logs can be a challenge. If your server runs post-2012 software, you are probably good as the output is formatted into Windows event logs. However, if you're up against an earlier version than Microsoft Server 2012 r2, then the output in plaintext log files is challenging to make sense of both for humans (developers) and machines. Here's how to parse Windows 2008 DNS debug logs quickly with SpectX.

Read more