Scanner is redefining threat hunting.
We can search through a full year of logs in seconds, giving us
visibility into an order of magnitude more data than before.
Analysis at this kind of scale is essential in the cloud era.
Built for Modern Log Volumes
Fast Investigations
Save valuable time during critical incidents. Find IP addresses in a
petabyte of logs, in seconds.
Unlimited Log Retention
Search years of historical logs within seconds without ever deleting
data again.
Unlock the Power of Your Security Data
Log Search
Search for a needle in a haystack across 100TB of logs in less than
10 seconds.
Results Investigation
Explore search results with customizable table columns and
result details.
Powerful Aggregations
Create lots of aggregate metrics.
Saved Queries
Instantly rerun important searches for your entire team.
Detections
Rapidly respond to security threats with out-of-the-box and fully
customizable detection rules and alerts.
Detections Index
View and search all detection events in a consolidated index.
Out-of-the-box Rules
Get started fast with common detection rules written by Scanner.
Detections as Code
Create and manage detection rules directly from GitHub.
Scanner API
Turn your logs in S3 into an API. Search your historical logs from
the tools you already use. Enrich alerts with historical context.
Splunk
Query logs from S3 directly inside Splunk, reducing Splunk costs by up to
90%.
Grafana
Build dashboards, perform fast search, or connect traces to
logs.
Jupyter Notebooks
Perform powerful analysis for threat hunting and incident
response.