NeoShield Security logo NeoShield Security Quantum X

// tool reference · Monitoring & Detection

SOC Console Business

Multi-tenant log ingestion, rule-based detection and alerting.

Open SOC Console →


What it does

The multi-tenant SOC surface — ingestion, detections, incidents and AI triage. Superseded by the unified SOC Operations console.

When to use it

What you get back

Incidents, detections, entity risk and alerting.

Worked example

Input

(continuous ingestion via POST /api/logs/ingest)

Output (abridged)

INCIDENTS (open)
  inc_4f2a  HIGH  Brute-force -> success   srv-01   203.0.113.45
  inc_4f31  MED   Impossible travel        user@corp

ENTITY RISK
  srv-01      78  high    4 detections / 24h
  user@corp   41  medium  1 detection

Unlike the Log Analyzer, this PERSISTS -- it has to, because correlation
over time is the whole point. Data is partitioned by tenant and derived
from your API key, never from a request field.

How it works

Deterministic detection on ingest; AI triage on a schedule.

Limits

Read live from the platform configuration.

Rate limit30 requests / 60s (platform default)

Limitations — what it does not do

Detection quality depends on what you ingest. It cannot correlate a log you never sent. Start with authentication events -- highest signal per byte.

Privacy

Ingested events ARE stored, partitioned by tenant. This is the one analysis path that persists by design — it has to, to correlate over time.

Standards

MITRE ATT&CKSOC 2 (CC7.2)

Related tools

← All tools Manual home