Skip to content

SIEM

The SIEM your insurer wants

Every log source from every customer, ingested every few minutes, retained for compliance windows, audit-trailed end to end. Built for MSPs — priced by identity, not by ingestion volume.

What’s included:

  • Microsoft 365, Google Workspace, sign-in logs, audit feeds
  • Per-identity pricing — no surprise event bills (see Pricing)
  • Audit-trail retention matched to typical cyber-insurance carrier requirements

Full feature detail and architecture walkthrough coming soon. In the meantime, see the audit logging docs for how Hal handles M365 and Google Workspace audit feeds.