Lumos


TL;DR

Supported data types

3rd party Detection

Hunters detection

IOC search

Search

Table name

Log format

Collection method

Lumos Activity logs

✅

lumos_activity_logs

NDJSON

Webhook


Overview

Lumos is a SaaS cybersecurity platform specializing in autonomous identity governance and access management.

Designed to secure modern cloud environments, Lumos helps organizations manage user permissions, enforce policies, and automate access lifecycle processes seamlessly. Built on robust AWS infrastructure, it offers enterprise-grade security with SOC 2 compliance, encryption, and continuous monitoring. Lumos integrates easily with popular platforms like Office 365 and Google Workspace, providing real-time visibility and control over identities and privileges. Its powerful automation and risk management capabilities enable businesses to reduce security risks while improving operational efficiency.

Supported data types

Lumos Activity logs

Table name: lumos_activity_logs

Lumos Activity Logs provide detailed records of user actions and events within the Lumos platform. These logs capture key information such as event types, timestamps, and actor details (including email, name, and actor type), enabling organizations to audit access requests, approvals, and system activity. The logs are structured in JSON format and can be integrated into security pipelines or SIEM tools for monitoring, compliance, and threat detection purposes.

Send data to Hunters

Hunters supports the ingestion of Lumos logs via webhook.

To connect Lumos logs:

  1. Contact Hunters Support to receive a URL and a bearer token to configure a webhook on Lumos.

  2. Go to Lumos Admin Console.

  3. Navigate to Integrations or Settings → Webhooks.

  4. Create a new webhook endpoint:

    • Provide the URL (you received from Hunters Support)

    • Set event types you want to subscribe to (e.g., access requests, logins, approvals)

    • Choose the authentication method (optional)

  5. Save and test the webhook to confirm delivery.

Expected format

Logs are expected in JSON format, one event per line (NDJSON). The sample event below is expanded across multiple lines for readability.

{
  "event_hash": "REDACTED_HASH",
  "event_type": "SEND_REQUEST_APPROVAL_FOR_ACCESS_REQUEST_EMAIL",
  "outcome": "SUCCEEDED",
  "event_type_user_friendly": "Requested Approval",
  "actor": {
    "actor_type": "Lumos"
  },
  "targets": [
    {
      "target_type": "User",
      "email": "user1@example.com",
      "given_name": "FirstName1",
      "family_name": "LastName1"
    },
    {
      "target_type": "Access Request",
      "uuid": "uuid-access-request-1",
      "target_user": {
        "email": "user2@example.com",
        "given_name": "FirstName2",
        "family_name": "LastName2"
      },
      "requester_user": {
        "email": "user2@example.com",
        "given_name": "FirstName2",
        "family_name": "LastName2"
      },
      "app": {
        "uuid": "uuid-app-1",
        "app_id": "app.example.com",
        "instance_id": "instance.example.com",
        "user_friendly_label": "ExampleApp"
      },
      "access_length": "Unlimited",
      "permissions": [
        {
          "label": "Read-only Administrator",
          "value": "Read-only Administrator",
          "type": "GROUP",
          "source": "SOURCE_SYSTEM",
          "group_id": "group-id-1"
        }
      ],
      "business_justification": "Business justification goes here"
    }
  ],
  "event_began_at": "2025-07-24T11:33:59.669006",
  "event_metadata": {}
}
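The following is an added example, not code from Hunters or Lumos: it parses an NDJSON batch shaped like the sample event above, flattens each access request for auditing, and collects malformed lines instead of dropping the batch. The function names, the constructed sample input, and the "Unlimited access" audit rule are assumptions made for illustration.

```python
import json
from datetime import datetime

def flatten_event(event):
    """Reduce one activity event to the fields used when auditing access requests."""
    actor = event.get("actor") or {}
    row = {"time": datetime.fromisoformat(event["event_began_at"]),
           "event_type": event["event_type"], "outcome": event.get("outcome"),
           "actor": actor.get("email") or actor.get("actor_type"), "requests": []}
    for target in event.get("targets") or []:
        if target.get("target_type") != "Access Request":
            continue  # skip other target types, such as "User"
        row["requests"].append({
            "uuid": target.get("uuid"),
            "for_user": (target.get("target_user") or {}).get("email"),
            "requested_by": (target.get("requester_user") or {}).get("email"),
            "app": (target.get("app") or {}).get("user_friendly_label"),
            "access_length": target.get("access_length"),
            "permissions": [p.get("label") for p in target.get("permissions") or []]})
    return row

def parse_ndjson(body):
    """Parse one JSON object per line; collect bad lines instead of dropping the batch."""
    rows, rejected = [], []
    for lineno, line in enumerate(body.splitlines(), 1):
        if not line.strip():
            continue
        try:
            rows.append(flatten_event(json.loads(line)))
        except (ValueError, KeyError, TypeError, AttributeError) as exc:
            rejected.append((lineno, type(exc).__name__))
    return rows, rejected

def unlimited_requests(rows):
    """Illustrative audit rule (an assumption, not a Hunters detection): no expiry set."""
    return [req for row in rows for req in row["requests"]
            if req["access_length"] == "Unlimited"]

# Constructed input: one event shaped like the sample above, one truncated line.
SAMPLE = "\n".join([
    '{"event_type": "SEND_REQUEST_APPROVAL_FOR_ACCESS_REQUEST_EMAIL", "outcome": "SUCCEEDED", '
    '"actor": {"actor_type": "Lumos"}, "event_began_at": "2025-07-24T11:33:59.669006", '
    '"targets": [{"target_type": "User", "email": "user1@example.com"}, '
    '{"target_type": "Access Request", "uuid": "uuid-access-request-1", '
    '"target_user": {"email": "user2@example.com"}, "requester_user": {"email": "user2@example.com"}, '
    '"app": {"user_friendly_label": "ExampleApp"}, "access_length": "Unlimited", '
    '"permissions": [{"label": "Read-only Administrator"}]}]}',
    '{"event_type": "SEND_REQUEST_APPROVAL_FOR_ACCESS_REQUEST_EMAIL", "outcome": "SUC',
])
```

Calling `parse_ndjson(SAMPLE)` returns the flattened rows together with a list of rejected line numbers, so a truncated delivery is visible rather than silently lost.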