Functional requirements

The following requirements should be fulfilled:

  • Drop-in replacement for punchplatform / cybels analytics
  • Should fully integrate with QRadar
  • The following functionality should be available
    • buffering (in case of congestion/network outage/component failures)
    • filtering (should be possible anywhere in the pipeline)
    • logs should be searchable in a database-like datalake
    • logs should be stored to cold storage
    • encryption of data in transit AND data at rest should be supported
    • high availability: the system should be able to fully recover from any type of intermittent failure
    • Redundancy: components should be replaceable without service degradation.
    • Solution should be platform-independent (OS/Hardware agnostic)
    • Components must be supported on the latest OS/patch levels.
    • Components should be in active development/support.
    • platform should support log transformation to meet QRadar log standards
    • Each part of the data-pipeline should be auditable/monitorable.
    • Multi tenancy
    • Proven technology