How It Works

LogSlash is a new security method for reducing log volume that doesn't compromise any analytical capabilities. LogSlash collates repetitive log files into context-rich, single-line summaries that enable faster, cheaper, and more secure SIEM analysis. It sits between your log producers and your existing log platform, and can be integrated into any existing logging infrastructure.

LogSlash intelligently applies a time-window-based consolidation of similar logs using configurable transforms, so that logs can be easily standardized regardless of format or structure. The result is a much more efficient approach to traditional logging that significantly reduces compute and storage requirements while reducing noise and complexity in log data.
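To make the idea of time-window consolidation concrete, here is an added illustration in Python. It is not LogSlash's own code or configuration: the transform regexes, the summary format, and the sample sshd lines are all assumptions constructed for this example.

```python
import re
from collections import OrderedDict
from datetime import datetime, timedelta

# Constructed sample input (not real logs): repeated sshd failures.
SAMPLE = [
    "2024-05-01T10:00:01Z host1 sshd[811]: Failed password for root from 203.0.113.7 port 50122",
    "2024-05-01T10:00:09Z host1 sshd[812]: Failed password for root from 203.0.113.7 port 50130",
    "2024-05-01T10:00:40Z host1 sshd[815]: Failed password for root from 203.0.113.7 port 50177",
    "2024-05-01T10:00:41Z host1 sshd[816]: Failed password for root from 198.51.100.9 port 41000",
    "2024-05-01T10:01:05Z host1 sshd[820]: Failed password for root from 203.0.113.7 port 50201",
]

# Hypothetical transforms: mask fields that vary per event but carry little
# analytical value. The source IP is deliberately left intact so that each
# source still produces its own summary line.
TRANSFORMS = [
    (re.compile(r"\[\d+\]"), "[*]"),      # process id
    (re.compile(r"port \d+"), "port *"),  # ephemeral source port
]
TS_FORMAT = "%Y-%m-%dT%H:%M:%SZ"


def consolidate(lines, window=timedelta(minutes=1)):
    """Collapse similar lines in each fixed time window into one summary line."""
    buckets = OrderedDict()
    for line in lines:
        ts_text, msg = line.split(" ", 1)
        ts = datetime.strptime(ts_text, TS_FORMAT)
        for pattern, replacement in TRANSFORMS:
            msg = pattern.sub(replacement, msg)
        # Align the timestamp to the start of its window.
        start = datetime.min + (ts - datetime.min) // window * window
        bucket = buckets.setdefault((start, msg), {"count": 0, "first": ts, "last": ts})
        bucket["count"] += 1
        bucket["first"] = min(bucket["first"], ts)
        bucket["last"] = max(bucket["last"], ts)
    return [
        f"{start:{TS_FORMAT}} {msg} count={b['count']} "
        f"first={b['first']:%H:%M:%S} last={b['last']:%H:%M:%S}"
        for (start, msg), b in buckets.items()
    ]


if __name__ == "__main__":
    for summary in consolidate(SAMPLE):
        print(summary)
```

Which fields the transforms mask determines what an analyst can still pivot on afterwards, so fields such as the source address or username should be left out of the masking when detections depend on them.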

Lossless Processing & Normalization

LogSlash's lossless processing and header normalization enable faster and more efficient analysis across all of your log inputs, reducing the time and resources required to identify and mitigate cyber threats.

  • Reduce repetitive information and file with customizable context-rich summary lines
  • Intelligent NER model standardizes log header data to simplify analysis and reduce noise
  • Send full log files to Amazon Glacier for long-term data retention and compliance needs

Cloud or On-Prem Implementation

Keep your existing logging infrastructure in place and simply add LogSlash as a layer between your log producers and SIEM platform. Whether in the cloud or on-premise, LogSlash provides a seamless solution to achieve your security goals.

  • Logs can be batched through a cloud bucket, connected via stream, or managed on-prem
  • LogSlash can be scaled up or down as required, making it a flexible and cost-effective solution for organizations of all sizes
  • Get started in under five minutes

Integrate with Your Chosen SIEM Provider

LogSlash's direct integration with existing SIEM tools means that it can be quickly and easily configured without the need for expensive hardware, additional software installations, or changes to your compliance procedures and security posture.

  • Currently supports Splunk and Sentinel integration with more to come!
  • Customize batch times down to the minute to allow you to manage exactly how your logs are de-duplicated and sent to your SIEM provider
  • Reduced noise and complexity in log data with near real-time data analysis empowers you to correlate log events for better threat detection and response