Documentation Index

Fetch the complete documentation index at: https://docs.hunters.ai/llms.txt

Use this file to discover all available pages before exploring further.

📢 Read the latest Release Notes to learn what's new on Hunters! 💡

Cerberus FTP Server

  • Updated on Jun 25, 2026
  • Published on Dec 14, 2025
Prev Next
Self Service Ingestion

Connect this data source on your own, using the Hunters platform.

TL;DR

Supported data types

3rd party detection

Hunters detection

IOC search

Search

Table name

Log format

Collection method

Cerberus proftpd

cerberus_proftpd_logs

NDJSON

S3

Cerberus SFTP Logs

cerberus-sftp-logs

Nested-json-Text

S3

Overview

Cerberus FTP is a secure and reliable file transfer server designed for businesses that need controlled, auditable, and encrypted file exchanges. It supports multiple protocols including FTP, FTPS, SFTP, and HTTPS, ensuring compatibility with most clients and automated workflows. Its key features include granular user and group permissions, event-driven automation for file handling, detailed logging and reporting, and integration with Active Directory for centralized authentication. Cerberus FTP is available for Windows and Linux, and emphasizes security with strong encryption, two-factor authentication, and compliance with standards like HIPAA and PCI. The product is suitable for IT teams managing sensitive data transfers, providing both a user-friendly interface and robust backend automation.  

Supported data types

Cerberus proftpd logs

Table name: cerberus_proftpd_logs

Cerberus FTP / ProFTPD logs are structured JSON entries capturing detailed server activity.

Learn more here.

Send data to Hunters

Hunters supports the ingestion of Harness logs via an intermediary AWS S3 bucket.

To connect Harness logs:

  1. Export your logs from Cerberus to an AWS S3 bucket by following this guide. Cerberus supports Syslog output based on UDP streaming.

  2. Once the export is completed and the logs are collected to S3, follow the steps in this section.

Expected format

Logs are expected in JSON format.

{"host":"host1","ident":"proftpd","pid":"-","msgid":"-","extradata":"-","message":"2025-12-14 00:00:04,673 mod_sftp/1.1.1[12345]: using '/etc/proftpd/ssh/ssh_host_ecdsa_key' as 256-bit ECDSA hostkey (256 bits)"}
{"host":"host1","ident":"proftpd","pid":"-","msgid":"-","extradata":"-","message":"2025-12-14 00:00:04,674 mod_sftp/1.1.1[12345]: client (1.2.3.4:12345) connected to server (10.0.0.1:2222)"}

Cerberus SFTP Logs

Table name: cerberus_sftp_logs

Cerberus FTP Server's SFTP logs provide a detailed record of all Secure File Transfer Protocol (SFTP) activity occurring on the server. These logs capture information such as connection attempts, user authentication successes and failures, SSH key authentication events, file uploads and downloads, file deletions, renames, directory operations, session start and end times, client IP addresses, and protocol-specific details. Each log entry typically includes a timestamp, log level (such as INFO, WARN, or ERROR), a session identifier, the client IP address, the username, and a description of the event. Cerberus stores these logs in its designated log directory and supports log rotation to manage file size. Administrators can use the logs for troubleshooting transfer problems, auditing user activity, monitoring security events, tracking file movements, and ensuring compliance requirements are met. For deeper troubleshooting, the logging level can be increased to DEBUG mode, which records more detailed SSH and SFTP protocol interactions, although this generates significantly larger log files. Overall, Cerberus SFTP logs serve as a comprehensive audit trail that helps administrators understand user behavior, diagnose issues, and maintain the security and reliability of file transfer operations.

Learn more here.

Send data to Hunters

Hunters supports the ingestion of Cerberus SFTP Logs via an intermediary AWS S3 bucket.

To connect Cerberus SFTP Logs:

  1. Export your logs from Cerberus SFTP Logs to an AWS S3 bucket by following this guide.

  2. Once the export is completed and the logs are collected to S3, follow the steps in this section.

Expected format

Logs are expected in Nested-Json-Text format.

{"message":"SYSTEM 20260819 16:07:00     [00000] - [0.0.0.0]:client_b -  Setting file date/time for 'E:\Sample SFTP\client_b\folder_b\client_b\Raw\20260819 Employee Details.csv' ","source_ip":"0.0.0.0"}
{"message":"CONNECT 20260819 16:07:00     [00000] - [0.0.0.0]: -  Connection terminated ","source_ip":"0.0.0.0"}
{"message":"INFO  20260819 16:07:00     [00000] - [0.0.0.0]:client_b -  Stat failed for /folder/20260819 Employee Details.csv: The requested file does not exist ","source_ip":"0.0.0.0"}
{"message":"SYSTEM 20260819 16:07:00     [00000] - [0.0.0.0]:client_a -  Handle '/client_a/SepPart_20260819/john.doe/Items.1.000.john.doe_20260819.zip' closed ","source_ip":"0.0.0.0"}
{"message":"CONNECT 20260819 16:07:00     [00000] - [0.0.0.0]:client_c -  Connection terminated ","source_ip":"0.0.0.0"}