# Hunters

> Knowledge base documentation for Hunters.

## External

- [What is Hunters](https://docs.hunters.ai/docs/what-is-hunters.md): Hunters SOC Platform empowers security teams to automatically identify and respond to incidents that matter across their entire attack surface.
- [Ingestion](https://docs.hunters.ai/docs/ingestion.md)
- [Detection](https://docs.hunters.ai/docs/detection.md)
- [Automatic investigation](https://docs.hunters.ai/docs/automatic-investigation.md)
- [Correlation](https://docs.hunters.ai/docs/correlation.md)
- [Hunters service limits](https://docs.hunters.ai/docs/hunters-service-limits.md)
- [Migrate to Hunters](https://docs.hunters.ai/docs/migrate-to-hunters.md)
- [Connect your Snowflake to Hunters](https://docs.hunters.ai/docs/connect-your-snowflake-to-hunters.md)
- [Reduce Snowflake cost](https://docs.hunters.ai/docs/reduce-snowflake-cost.md)
- [Custom data source](https://docs.hunters.ai/docs/custom-data-source.md)
- [Connect data using API/webhook](https://docs.hunters.ai/docs/connect-a-data-source-using-apiwebhook.md)
- [STEP 1: Create an S3 bucket](https://docs.hunters.ai/docs/step-1-create-an-s3-bucket-1.md)
- [STEP 2: Direct logs](https://docs.hunters.ai/docs/step-2-direct-logs.md)
- [STEP 3: Set up bucket access](https://docs.hunters.ai/docs/step-3-set-up-bucket-access-2.md)
- [OPTION 1: Set up streaming using SQS](https://docs.hunters.ai/docs/option-1-set-up-streaming-using-sqs.md)
- [OPTION 2: Set up streaming using SNS](https://docs.hunters.ai/docs/option-2-set-up-streaming-using-sns.md)
- [About on-prem data connection](https://docs.hunters.ai/docs/about-on-prem-data-connection.md)
- [Fluentd](https://docs.hunters.ai/docs/fluentd.md)
- [Syslog-ng](https://docs.hunters.ai/docs/syslog-ng.md)
- [Connect data through GCP](https://docs.hunters.ai/docs/connect-data-through-gcp.md)
- [Connect data through Azure Storage](https://docs.hunters.ai/docs/connect-data-through-azure-storage.md)
- [Connect data through Oracle Cloud](https://docs.hunters.ai/docs/connect-data-through-oracle-cloud.md)
- [Connect data through Azure Event Hub](https://docs.hunters.ai/docs/connect-data-through-azure-event-hub.md)
- [Sophos XG](https://docs.hunters.ai/docs/sophos-xg.md)
- [Extreme NAC](https://docs.hunters.ai/docs/extreme-nac.md)
- [Check Point (Traffic, Email Security, EDR)](https://docs.hunters.ai/docs/check-point.md)
- [1Password](https://docs.hunters.ai/docs/1password.md)
- [Acalvio](https://docs.hunters.ai/docs/acalvio.md)
- [Alibaba](https://docs.hunters.ai/docs/alibaba.md)
- [Anomali](https://docs.hunters.ai/docs/anomali.md)
- [Apache2](https://docs.hunters.ai/docs/apache2.md): Ingest Apache2 logs into Hunters’ next-gen SIEM to detect threats, investigate activity, and correlate web traffic data with your broader attack surface.
- [Appgate SDP](https://docs.hunters.ai/docs/appgate-sdp.md)
- [Aqua Security](https://docs.hunters.ai/docs/aqua.md)
- [Area 1](https://docs.hunters.ai/docs/area-1.md)
- [Armis](https://docs.hunters.ai/docs/armis.md)
- [Armorblox](https://docs.hunters.ai/docs/armorblox.md)
- [Astrix](https://docs.hunters.ai/docs/astrix.md)
- [Atlassian (Jira / Confluence)](https://docs.hunters.ai/docs/atlassian.md)
- [Auth0](https://docs.hunters.ai/docs/auth0.md)
- [Abnormal](https://docs.hunters.ai/docs/abnormal.md)
- [Akamai](https://docs.hunters.ai/docs/akamai.md)
- [AWS CloudTrail](https://docs.hunters.ai/docs/aws-cloudtrail.md)
- [AWS GuardDuty](https://docs.hunters.ai/docs/aws-guard-duty.md)
- [AWS CloudWatch](https://docs.hunters.ai/docs/aws-cloudwatch.md)
- [AWS Config](https://docs.hunters.ai/docs/aws-config.md)
- [AWS WAF](https://docs.hunters.ai/docs/aws-waf-logs.md)
- [AWS VPC Flow Logs](https://docs.hunters.ai/docs/aws-vpc-flow-logs.md)
- [AWS ELB Logs](https://docs.hunters.ai/docs/aws-elb-logs.md)
- [AWS NLB Logs](https://docs.hunters.ai/docs/aws-nlb-logs.md)
- [AWS Inspector](https://docs.hunters.ai/docs/aws-inspector.md)
- [AWS EKS Control Plane Logging](https://docs.hunters.ai/docs/aws-eks-control-plane-logging.md)
- [AWS RDS Aurora](https://docs.hunters.ai/docs/aws-rds-aurora.md)
- [AWS Route53](https://docs.hunters.ai/docs/aws-route53.md)
- [AWS S3 Server Access Logs](https://docs.hunters.ai/docs/aws-s3-server-access-logs.md)
- [AWS Client VPN Connection Logs](https://docs.hunters.ai/docs/aws-client-vpn-connection-logs.md)
- [AWS Transit Gateway Flow logs](https://docs.hunters.ai/docs/aws-transit-gateway-flow-logs.md)
- [AWS Network Firewall](https://docs.hunters.ai/docs/aws-network-firewall-logs.md)
- [STEP 1: Create an S3 bucket](https://docs.hunters.ai/docs/step-1-create-an-s3-bucket.md)
- [STEP 2: Direct logs into the bucket](https://docs.hunters.ai/docs/step-2-direct-logs-into-the-bucket.md)
- [STEP 3: Set up bucket access](https://docs.hunters.ai/docs/step-3-set-up-bucket-access-1.md)
- [OPTION 1: Set up streaming using SQS](https://docs.hunters.ai/docs/option-1-setup-streaming-using-sqs.md)
- [OPTION 2: Set up streaming using SNS](https://docs.hunters.ai/docs/option-2-setup-streaming-using-sns.md)
- [OPTIONAL: Connect CloudWatch to S3 using Lambda](https://docs.hunters.ai/docs/connect-cloudwatch-to-s3-using-lambda.md)
- [Troubleshooting S3 Ingestion](https://docs.hunters.ai/docs/troubleshooting-s3-ingestion.md)
- [Aviatrix](https://docs.hunters.ai/docs/aviatrix.md)
- [Axis Security](https://docs.hunters.ai/docs/axis.md)
- [Barracuda](https://docs.hunters.ai/docs/barracuda.md)
- [Bitwarden](https://docs.hunters.ai/docs/bitwarden.md)
- [BeyondTrust](https://docs.hunters.ai/docs/beyondtrust.md)
- [BeyondTrust Remote Support](https://docs.hunters.ai/docs/beyondtrust-remote-support.md)
- [BIND DNS](https://docs.hunters.ai/docs/bind-dns.md)
- [Blackberry](https://docs.hunters.ai/docs/blackberry.md)
- [BlueCat](https://docs.hunters.ai/docs/bluecat-1.md)
- [Box](https://docs.hunters.ai/docs/box.md)
- [Breez](https://docs.hunters.ai/docs/breeze.md)
- [Bricata NDR](https://docs.hunters.ai/docs/bricata-ndr.md)
- [Cato Networks](https://docs.hunters.ai/docs/cato-networks.md)
- [Cerberus FTP](https://docs.hunters.ai/docs/cerberus.md)
- [Cisco IOS](https://docs.hunters.ai/docs/cisco-ios.md)
- [Cisco Vulnerability](https://docs.hunters.ai/docs/cisco-vulnerability-management.md)
- [Cisco AMP](https://docs.hunters.ai/docs/cisco-amp.md)
- [Cisco AnyConnect NVM](https://docs.hunters.ai/docs/cisco-anyconnect-nvm.md)
- [Cisco ESA Ironport](https://docs.hunters.ai/docs/cisco-esa-ironport.md)
- [Cisco Firewall](https://docs.hunters.ai/docs/cisco-firewall.md)
- [Cisco ISE](https://docs.hunters.ai/docs/cisco-ise.md)
- [Cisco Meraki](https://docs.hunters.ai/docs/cisco-meraki.md)
- [Cisco Switch](https://docs.hunters.ai/docs/cisco-switch.md)
- [Cisco Umbrella](https://docs.hunters.ai/docs/cisco-umbrella.md)
- [Cisco VPN](https://docs.hunters.ai/docs/cisco-vpn.md)
- [Cisco WLC](https://docs.hunters.ai/docs/cisco-wlc.md)
- [Citrix NetScaler](https://docs.hunters.ai/docs/citrix-netscaler.md)
- [Claroty](https://docs.hunters.ai/docs/claroty.md)
- [Claroty xDome](https://docs.hunters.ai/docs/claroty-xdome.md)
- [Lumos](https://docs.hunters.ai/docs/lumos.md)
- [Cloudflare](https://docs.hunters.ai/docs/cloudflare.md)
- [Databricks](https://docs.hunters.ai/docs/databricks.md)
- [CloudSEK](https://docs.hunters.ai/docs/cloudsek.md)
- [Code42](https://docs.hunters.ai/docs/code42.md)
- [Cofense](https://docs.hunters.ai/docs/cofense.md)
- [Corelight Suricata](https://docs.hunters.ai/docs/corelight-suricata.md)
- [CrowdStrike Raw Events](https://docs.hunters.ai/docs/crowdstrike-raw-events.md)
- [CrowdStrike Devices](https://docs.hunters.ai/docs/crowdstrike-devices.md)
- [CrowdStrike Identity Based Alerts](https://docs.hunters.ai/docs/crowdstrike-identity-based-alerts.md)
- [CrowdStrike Mobile](https://docs.hunters.ai/docs/crowdstrike-mobile.md)
- [CrowdStrike Spotlight](https://docs.hunters.ai/docs/crowdstrike-spotlight.md)
- [CrowdStrike Indicators](https://docs.hunters.ai/docs/crowdstrike-indicators.md)
- [CrowdStrike FileVantage](https://docs.hunters.ai/docs/crowdstrike-filevantage.md)
- [CrowdStrike Falcon Event Streams](https://docs.hunters.ai/docs/crowdstrike-falcon-event-streams.md)
- [CrowdStrike Alerts](https://docs.hunters.ai/docs/crowdstrike-alerts.md)
- [CyberArk](https://docs.hunters.ai/docs/cyberark.md)
- [Cybereason](https://docs.hunters.ai/docs/cybereason.md)
- [CyberHaven](https://docs.hunters.ai/docs/cyberhaven.md)
- [Cyera](https://docs.hunters.ai/docs/cyera.md)
- [Cyren](https://docs.hunters.ai/docs/cyren.md)
- [Darktrace](https://docs.hunters.ai/docs/darktrace.md)
- [Delinea Cloud Suite Insights & Audit Logs](https://docs.hunters.ai/docs/delinea.md)
- [Duo Security](https://docs.hunters.ai/docs/duo-security.md)
- [FireEye](https://docs.hunters.ai/docs/fireeye.md)
- [Edgescan](https://docs.hunters.ai/docs/edgescan.md)
- [F5 BIG-IP](https://docs.hunters.ai/docs/f5-big-ip.md)
- [Forcepoint](https://docs.hunters.ai/docs/forcepoint.md)
- [Forescout](https://docs.hunters.ai/docs/clone-forescout.md)
- [Fortinet](https://docs.hunters.ai/docs/fortinet.md)
- [Fastly WAF](https://docs.hunters.ai/docs/fastly.md)
- [FastTrack (Admin By Request)](https://docs.hunters.ai/docs/fasttrack.md)
- [Agari](https://docs.hunters.ai/docs/agari.md)
- [Alert Logic WSM](https://docs.hunters.ai/docs/alert-logic-wsm.md)
- [Genesys Cloud CX](https://docs.hunters.ai/docs/genesys-cloud-cx.md)
- [GitHub](https://docs.hunters.ai/docs/github.md)
- [GitLab](https://docs.hunters.ai/docs/gitlab.md)
- [Google Workspace (G Suite)](https://docs.hunters.ai/docs/google-workspace.md)
- [GCP V2 Security Command Center Logs](https://docs.hunters.ai/docs/gcp-v2-security-command-center-logs.md)
- [GCP Audit Logs](https://docs.hunters.ai/docs/google-cloud-platform-gcp.md)
- [GCP Security Command Center Logs](https://docs.hunters.ai/docs/connect-security-command-center-logs.md)
- [Harness IO](https://docs.hunters.ai/docs/harness-io.md)
- [Halcyon](https://docs.hunters.ai/docs/halcyon.md)
- [HPE Aruba Networking](https://docs.hunters.ai/docs/hpe-aruba-networking.md)
- [iboss](https://docs.hunters.ai/docs/iboss.md)
- [Imperva](https://docs.hunters.ai/docs/imperva.md)
- [Infoblox](https://docs.hunters.ai/docs/infoblox.md)
- [Ironscales](https://docs.hunters.ai/docs/ironscales.md)
- [Island](https://docs.hunters.ai/docs/island.md)
- [Jamf Protect](https://docs.hunters.ai/docs/jamf-protect.md)
- [Jamf Pro](https://docs.hunters.ai/docs/jamf.md)
- [JumpCloud](https://docs.hunters.ai/docs/jumpcloud.md)
- [Juniper Networks](https://docs.hunters.ai/docs/juniper-networks.md)
- [Kandji](https://docs.hunters.ai/docs/kandji.md)
- [Kaspersky Security Logs (On Prem / Cloud)](https://docs.hunters.ai/docs/kaspersky.md)
- [Keeper](https://docs.hunters.ai/docs/keeper.md)
- [Keycloak](https://docs.hunters.ai/docs/keycloak.md)
- [KnowBe4](https://docs.hunters.ai/docs/knowbe4.md)
- [Kubernetes](https://docs.hunters.ai/docs/kubernetes.md)
- [Lacework](https://docs.hunters.ai/docs/lacework.md)
- [Lansweeper](https://docs.hunters.ai/docs/lansweeper.md)
- [LastPass](https://docs.hunters.ai/docs/lastpass.md)
- [Linux](https://docs.hunters.ai/docs/linux-logs.md)
- [Lookout](https://docs.hunters.ai/docs/lookout.md)
- [Manage Engine](https://docs.hunters.ai/docs/manage-engine.md)
- [Malwarebytes Nebula](https://docs.hunters.ai/docs/malwarebytes-nebula.md)
- [ManageEngine ADAudit Plus](https://docs.hunters.ai/docs/manageengine-adaudit-plus.md)
- [McAfee MVISION Cloud](https://docs.hunters.ai/docs/mcafee-mvision-cloud.md)
- [Microsoft Windows Firewall Logs](https://docs.hunters.ai/docs/microsoft-windows-firewall-logs.md)
- [Active Directory Users](https://docs.hunters.ai/docs/active-directory-users.md)
- [Microsoft Windows DNS Debug Logs](https://docs.hunters.ai/docs/microsoft-windows-dns-debug-logs.md)
- [Windows DNS (Channel / Debug Json logs)](https://docs.hunters.ai/docs/windows-dns-logs.md)
- [Microsoft Windows Event Logs](https://docs.hunters.ai/docs/microsoft-windows-event-logs.md)
- [Microsoft Exchange](https://docs.hunters.ai/docs/microsoft-exchange.md)
- [Microsoft IIS W3C](https://docs.hunters.ai/docs/iis-w3c.md)
- [Azure Network Firewall logs](https://docs.hunters.ai/docs/azure-network-firewall-logs.md)
- [Azure Virtual Network Flow Logs](https://docs.hunters.ai/docs/azure-virtual-network-flow-logs.md)
- [Azure Activity Logs](https://docs.hunters.ai/docs/azure-activity-logs.md)
- [Azure Audit Logs](https://docs.hunters.ai/docs/azure-audit.md)
- [Azure Signin Logs](https://docs.hunters.ai/docs/azure-signin-logs.md)
- [Azure NSG Flow Logs](https://docs.hunters.ai/docs/azure-nsg-flow-logs.md)
- [Microsoft Purview Logs](https://docs.hunters.ai/docs/microsoft-purview-logs.md)
- [Azure Kubernetes Service Logs](https://docs.hunters.ai/docs/azure-kubernetes-service-logs.md)
- [Azure Application Gateway Firewall Logs](https://docs.hunters.ai/docs/azure-application-gateway-firewall.md)
- [Microsoft Graph](https://docs.hunters.ai/docs/microsoft-graph.md)
- [Microsoft Intune](https://docs.hunters.ai/docs/microsoft-intune.md)
- [Microsoft Azure AD](https://docs.hunters.ai/docs/microsoft-azure-ad-users.md)
- [Microsoft 365 Defender](https://docs.hunters.ai/docs/microsoft-365-defender.md)
- [Microsoft Defender](https://docs.hunters.ai/docs/microsoft-defender.md)
- [STEP 1: Register application (o365-audit-logs)](https://docs.hunters.ai/docs/step-1-register-your-application.md)
- [STEP 2: Retrieve authorization code (o365-audit-logs)](https://docs.hunters.ai/docs/step-2-retrieve-authorization-code.md)
- [STEP 3: Get a refresh token (o365-audit-logs)](https://docs.hunters.ai/docs/step-3-get-a-refresh-token.md)
- [STEP 4: Enable auditing (o365-audit-logs)](https://docs.hunters.ai/docs/step-4-enable-auditing.md)
- [STEP 5: Start subscriptions (o365-audit-logs)](https://docs.hunters.ai/docs/step-5-start-subscriptions.md)
- [STEP 6: Deliver keys to Hunters (o365-audit-logs)](https://docs.hunters.ai/docs/step-6-deliver-keys-to-hunters.md)
- [STEP 1: Register application (microsoft-message-trace-report)](https://docs.hunters.ai/docs/step-1-register-your-application-1.md)
- [Mimecast V2](https://docs.hunters.ai/docs/mimecast-v2.md)
- [Mimecast](https://docs.hunters.ai/docs/mimecast.md)
- [Mikrotik](https://docs.hunters.ai/docs/mikrotik.md)
- [MOVEit](https://docs.hunters.ai/docs/moveit.md)
- [Mulesoft](https://docs.hunters.ai/docs/mulesoft.md)
- [NetApp](https://docs.hunters.ai/docs/netapp.md)
- [NetIQ](https://docs.hunters.ai/docs/netiq.md)
- [Netography](https://docs.hunters.ai/docs/netography.md)
- [Netscout Arbor](https://docs.hunters.ai/docs/netscout-arbor.md)
- [Netskope](https://docs.hunters.ai/docs/netskope.md)
- [NGINX](https://docs.hunters.ai/docs/nginx.md)
- [NinjaOne](https://docs.hunters.ai/docs/ninjaone.md)
- [Kiteworks](https://docs.hunters.ai/docs/kiteworks.md)
- [Normalyze](https://docs.hunters.ai/docs/normalyze.md)
- [Nozomi Networks](https://docs.hunters.ai/docs/nozomi-networks.md)
- [Nutanix](https://docs.hunters.ai/docs/nutanix.md)
- [Obsidian](https://docs.hunters.ai/docs/obsidian.md)
- [Okta](https://docs.hunters.ai/docs/okta.md)
- [Onapsis](https://docs.hunters.ai/docs/onapsis.md)
- [OneLogin](https://docs.hunters.ai/docs/onelogin.md)
- [OpenCTI](https://docs.hunters.ai/docs/opencti.md)
- [OpenStack](https://docs.hunters.ai/docs/openstack.md)
- [OpenVPN](https://docs.hunters.ai/docs/openvpn.md)
- [Orca](https://docs.hunters.ai/docs/orca.md)
- [Osquery](https://docs.hunters.ai/docs/osquery.md)
- [Palo Alto Strata Logs](https://docs.hunters.ai/docs/palo-alto-strata-logs.md)
- [NGFW and GlobalProtect](https://docs.hunters.ai/docs/ngfw-and-globalprotect.md)
- [Prisma](https://docs.hunters.ai/docs/prisma.md)
- [Cortex XDR](https://docs.hunters.ai/docs/cortex-xdr.md)
- [Perception Point](https://docs.hunters.ai/docs/perceptionpoint.md)
- [pfSense](https://docs.hunters.ai/docs/pfsense.md)
- [Proofpoint](https://docs.hunters.ai/docs/proofpoint.md)
- [ProLion](https://docs.hunters.ai/docs/prolion-cryptospike-logs.md)
- [Ping Identity](https://docs.hunters.ai/docs/ping-identity.md)
- [ProtectWise](https://docs.hunters.ai/docs/protectwise.md)
- [PulseSecure](https://docs.hunters.ai/docs/pulsesecure.md)
- [Qualys](https://docs.hunters.ai/docs/qualys.md)
- [RH-Isac](https://docs.hunters.ai/docs/rh-isac.md)
- [SailPoint](https://docs.hunters.ai/docs/sailpoint.md)
- [Salesforce](https://docs.hunters.ai/docs/salesforce.md)
- [Seraphic Security](https://docs.hunters.ai/docs/seraphic-security.md)
- [strongDM](https://docs.hunters.ai/docs/strongdm.md)
- [Salt Security](https://docs.hunters.ai/docs/salt-security.md)
- [SAP](https://docs.hunters.ai/docs/sap.md)
- [Semperis](https://docs.hunters.ai/docs/semperis.md)
- [SentinelOne](https://docs.hunters.ai/docs/sentinelone.md)
- [Sekoia TAXII Feed](https://docs.hunters.ai/docs/sekoia-taxii-feed.md)
- [Signal Sciences](https://docs.hunters.ai/docs/signal-sciences.md)
- [Silverfort](https://docs.hunters.ai/docs/silverfort.md)
- [Silver Peak](https://docs.hunters.ai/docs/silverpeak.md)
- [Squid Proxy](https://docs.hunters.ai/docs/squid-proxy.md)
- [Oracle](https://docs.hunters.ai/docs/oracle.md)
- [Skyhigh](https://docs.hunters.ai/docs/skyhigh.md)
- [Slack](https://docs.hunters.ai/docs/slack.md)
- [Snowflake](https://docs.hunters.ai/docs/snowflake.md)
- [Solarwinds](https://docs.hunters.ai/docs/solarwinds.md)
- [SonicWall](https://docs.hunters.ai/docs/sonicwall.md)
- [Sophos Central](https://docs.hunters.ai/docs/sophos-central.md)
- [STIX-TAXII](https://docs.hunters.ai/docs/stix-taxii.md)
- [Stormshield](https://docs.hunters.ai/docs/stormshield.md)
- [Stream Security](https://docs.hunters.ai/docs/stream.md)
- [Symantec](https://docs.hunters.ai/docs/symantec.md)
- [Sysdig V1](https://docs.hunters.ai/docs/sysdigv1.md)
- [Sysdig Next Gen (new API v2)](https://docs.hunters.ai/docs/sysdignextgen.md)
- [Surf](https://docs.hunters.ai/docs/surf.md)
- [Tailscale](https://docs.hunters.ai/docs/tailscale.md)
- [Teleport](https://docs.hunters.ai/docs/teleport.md)
- [Tenable.io](https://docs.hunters.ai/docs/tenableio.md)
- [Thales Cipher Trust](https://docs.hunters.ai/docs/thales-cipher-trust.md)
- [Thinkst Canary](https://docs.hunters.ai/docs/thinkst-canary.md)
- [ThreatX WAF](https://docs.hunters.ai/docs/threatx-waf.md)
- [Thycotic](https://docs.hunters.ai/docs/thycotic.md)
- [Tines](https://docs.hunters.ai/docs/tines.md)
- [Trend Micro](https://docs.hunters.ai/docs/trendmicro.md)
- [Twingate](https://docs.hunters.ai/docs/twingate.md)
- [Upwind Security](https://docs.hunters.ai/docs/upwind.md)
- [Upguard](https://docs.hunters.ai/docs/upguard.md)
- [Veeam Backup and Replication](https://docs.hunters.ai/docs/veeam-backup-and-replication-logs.md)
- [Vectra](https://docs.hunters.ai/docs/vectra.md)
- [Very Good Security](https://docs.hunters.ai/docs/very-good-security.md)
- [Vicarius](https://docs.hunters.ai/docs/vicarius.md)
- [VMware](https://docs.hunters.ai/docs/vmware-logs.md)
- [VMware Carbon Black](https://docs.hunters.ai/docs/vmware-carbon-black.md)
- [Watchguard](https://docs.hunters.ai/docs/watchguard.md)
- [Wazuh](https://docs.hunters.ai/docs/wazuh.md)
- [Wiz](https://docs.hunters.ai/docs/wiz.md)
- [Gem Security](https://docs.hunters.ai/docs/gem-security.md)
- [Workday](https://docs.hunters.ai/docs/workday.md)
- [Zeek](https://docs.hunters.ai/docs/zeek.md)
- [ZeroFox](https://docs.hunters.ai/docs/zerofox.md)
- [zero-networks](https://docs.hunters.ai/docs/zero-networks.md)
- [Zoom](https://docs.hunters.ai/docs/zoom.md)
- [Zscaler Deception Logs](https://docs.hunters.ai/docs/zscaler-deception-logs.md)
- [Zscaler Internet Access (ZIA)](https://docs.hunters.ai/docs/zscaler-internet-access-zia.md)
- [Zscaler Private Access (ZPA)](https://docs.hunters.ai/docs/zscaler-private-access-zpa.md)
- [Tanium](https://docs.hunters.ai/docs/tanium.md)
- [ServiceNow](https://docs.hunters.ai/docs/servicenow.md)
- [IBM](https://docs.hunters.ai/docs/ibm.md)
- [Cohesity](https://docs.hunters.ai/docs/cohesity.md)
- [Troubleshooting data sources](https://docs.hunters.ai/docs/troubleshooting-data-source.md)
- [About Leads](https://docs.hunters.ai/docs/about-leads.md)
- [The anatomy of a lead](https://docs.hunters.ai/docs/the-anatomy-of-a-lead.md)
- [View leads](https://docs.hunters.ai/docs/view-leads.md)
- [Explore involved entities](https://docs.hunters.ai/docs/explore-involved-entities.md)
- [Explore lead risk score](https://docs.hunters.ai/docs/explore-lead-risk-score.md)
- [Explore attributes](https://docs.hunters.ai/docs/explore-attributes.md)
- [Explore lead enrichments and activity](https://docs.hunters.ai/docs/explore-lead-enrichments.md)
- [Pathfinder Explain](https://docs.hunters.ai/docs/ai-powered-alert-assistant.md)
- [Triage leads](https://docs.hunters.ai/docs/triage-leads.md)
- [About Threat Clusters](https://docs.hunters.ai/docs/about-threat-clusters.md)
- [View threat clusters](https://docs.hunters.ai/docs/view-threat-clusters.md)
- [Investigate threat clusters](https://docs.hunters.ai/docs/investigate-threat-clusters.md)
- [Triage threat clusters](https://docs.hunters.ai/docs/triage-threat-clusters.md)
- [About Stories](https://docs.hunters.ai/docs/about-stories.md)
- [Reading a story](https://docs.hunters.ai/docs/how-to-read-a-story.md)
- [Explore Alerts and Hot Stories](https://docs.hunters.ai/docs/explore-alerts-and-hot-stories.md)
- [Triage Alerts and Hot Stories](https://docs.hunters.ai/docs/triage-alerts-and-hot-stories.md)
- [Define alert generation threshold](https://docs.hunters.ai/docs/define-alert-generation-threshold.md)
- [SOC Queue FAQ](https://docs.hunters.ai/docs/soc-queue-faq.md)
- [Search for entities](https://docs.hunters.ai/docs/search-for-entities-1.md)
- [Explore entity events](https://docs.hunters.ai/docs/explore-entity-events.md)
- [Investigate processes](https://docs.hunters.ai/docs/investigate-processes.md)
- [Search for IOCs](https://docs.hunters.ai/docs/search-for-iocs.md)
- [Query raw data](https://docs.hunters.ai/docs/use-hunters-sql-notebook.md)
- [Start a new search](https://docs.hunters.ai/docs/start-a-new-search.md)
- [Understand search results](https://docs.hunters.ai/docs/understand-search-results.md)
- [Reuse and manage saved queries](https://docs.hunters.ai/docs/manage-query-library.md)
- [Useful queries](https://docs.hunters.ai/docs/useful-queries.md)
- [Understand threat coverage](https://docs.hunters.ai/docs/understand-threat-coverage.md)
- [Examine detectors](https://docs.hunters.ai/docs/export-detections.md)
- [Create a custom detector](https://docs.hunters.ai/docs/create-a-custom-detector.md)
- [Create a new event source](https://docs.hunters.ai/docs/create-a-new-event-source.md)
- [Custom detectors FAQ](https://docs.hunters.ai/docs/custom-detectors-faq.md)
- [Define custom scoring rules](https://docs.hunters.ai/docs/define-custom-scoring-rules.md)
- [Define alert generation settings](https://docs.hunters.ai/docs/define-alert-generation-settings.md)
- [Customization FAQs](https://docs.hunters.ai/docs/customization-faqs.md)
- [About asset tags](https://docs.hunters.ai/docs/about-asset-tags.md)
- [Tag assets](https://docs.hunters.ai/docs/tag-assets.md)
- [Migrate existing Snowflake user to key-pair](https://docs.hunters.ai/docs/migrate-existing-snowflake.md)
- [About data sources and flows](https://docs.hunters.ai/docs/about-data-sources-and-flows.md)
- [About data health](https://docs.hunters.ai/docs/about-data-health.md)
- [Monitor data flow health](https://docs.hunters.ai/docs/data-flow-health-monitoring.md)
- [Set up data health notifications](https://docs.hunters.ai/docs/set-up-data-health-notifications.md)
- [Troubleshooting data issues](https://docs.hunters.ai/docs/troubleshooting-data-issues.md)
- [Migrate Azure logs from Blob Storage to Event Hub](https://docs.hunters.ai/docs/migrating-azure-logs-from-blob-storage-to-event-hub.md)
- [Tag data flows](https://docs.hunters.ai/docs/tag-data-flows.md)
- [Hunters data sources and flows](https://docs.hunters.ai/docs/hunters-data-sources-and-flows.md)
- [Configure SSO connections](https://docs.hunters.ai/docs/configure-sso-connections.md)
- [Update your profile information](https://docs.hunters.ai/docs/update-your-profile-information.md)
- [Change your password](https://docs.hunters.ai/docs/change-your-password.md)
- [Enable two-factor authentication](https://docs.hunters.ai/docs/enable-two-factor-authentication.md)
- [Inspect audit logs](https://docs.hunters.ai/docs/inspect-audit-logs.md)
- [Generic roles](https://docs.hunters.ai/docs/generic-roles.md)
- [MSSP-related roles](https://docs.hunters.ai/docs/mssp-related-roles.md)
- [Feature-based roles](https://docs.hunters.ai/docs/feature-based-roles.md)
- [Invite new users](https://docs.hunters.ai/docs/invite-new-users.md)
- [Edit user roles](https://docs.hunters.ai/docs/edit-user-roles.md)
- [Delete users](https://docs.hunters.ai/docs/delete-users.md)
- [Troubleshooting user management issues](https://docs.hunters.ai/docs/troubleshooting-user-management-issues.md)
- [Define an MFA policy](https://docs.hunters.ai/docs/define-an-mfa-policy.md)
- [Configure lockout](https://docs.hunters.ai/docs/configure-lockout.md)
- [Configure password history policy](https://docs.hunters.ai/docs/configure-password-history-policy.md)
- [Configure session management settings](https://docs.hunters.ai/docs/configure-session-management-settings.md)
- [Set up domain restrictions](https://docs.hunters.ai/docs/set-up-domain-restrictions.md)
- [About Hunters Workflows](https://docs.hunters.ai/docs/about-hunters-workflows.md)
- [Glossary](https://docs.hunters.ai/docs/glossary.md)
- [FAQ](https://docs.hunters.ai/docs/workflows-faq.md)
- [Create a recipe from scratch](https://docs.hunters.ai/docs/create-a-new-recipe-from-scratch.md)
- [Create a webhook recipe from template](https://docs.hunters.ai/docs/create-a-webhook-recipe-from-template.md)
- [Create an email recipe from template](https://docs.hunters.ai/docs/create-an-email-recipe-from-template.md)
- [Create a Jira issue - Cluster](https://docs.hunters.ai/docs/create-a-jira-issue-cluster.md)
- [Sync Hunters status with Jira](https://docs.hunters.ai/docs/sync-hunters-status-with-jira.md)
- [Sync Jira status with Hunters](https://docs.hunters.ai/docs/sync-jira-status-with-hunters.md)
- [Optional workflow steps](https://docs.hunters.ai/docs/optional-steps.md)
- [Organize Hunters workflows](https://docs.hunters.ai/docs/organize-hunters-workflows.md)
- [Manage Recipes](https://docs.hunters.ai/docs/manage-recipes.md)
- [Response Action (Preview)](https://docs.hunters.ai/docs/create-response-action.md)
- [Hunters connector index](https://docs.hunters.ai/docs/workflows-index.md)
- [Useful Links](https://docs.hunters.ai/docs/useful-links.md)
- [Set up analytics](https://docs.hunters.ai/docs/set-up-analytics.md)
- [Pathfinder Investigation - Beta](https://docs.hunters.ai/docs/pathfinder-ai-open-beta.md)
- [Pathfinder Explain](https://docs.hunters.ai/docs/ai-assistant.md)
- [AI Acceptable Use Policy](https://docs.hunters.ai/docs/ai-acceptable-use-policy.md)
- [Person Matcher](https://docs.hunters.ai/docs/person-matcher.md)
- [Impossible Travel detectors (UEBA)](https://docs.hunters.ai/docs/impossible-travel-detectors-ueba.md)
- [Time Series detectors (UEBA)](https://docs.hunters.ai/docs/time-series-detectors-ueba.md)
- [Customer Session: The Silent Adversary: Hunting and Investigating MSHTA.exe Attacks](https://docs.hunters.ai/docs/customer-session-the-silent-adversary-hunting-and-investigating-mshtaexe-attacks.md)
- [Customer Session: Unzipping Threats - Investigating .zip domains with Team Axon](https://docs.hunters.ai/docs/customer-session-unzipping-threats-investigating-zip-domains-with-team-axon.md)
- [Customer Session: On-Prem To Azure Cloud: Detecting Attacks in Hybrid Environments](https://docs.hunters.ai/docs/customer-session-on-prem-to-azure-cloud-detecting-attacks-in-hybrid-environments.md)
- [Customer Session: Hunters H1 Product Recap](https://docs.hunters.ai/docs/customer-session-hunters-h1-product-recap.md)
- [Customer Session: Writing Snowflake Queries That Actually Return Results](https://docs.hunters.ai/docs/customer-session-writing-snowflake-queries-that-actually-return-results.md)
- [Customer Session - Hunters Risk Score with Noa Pinkas, Product Manager](https://docs.hunters.ai/docs/customer-session-hunters-risk-score-with-noa-pinkas-product-manager.md)
- [The Effective Analyst: How to use Hunters SOC Platform to Investigate Alerts](https://docs.hunters.ai/docs/the-effective-analyst-how-to-use-hunters-soc-platform-to-investigate-alerts.md)
- [Customer Session: Investigating OneNote Malware with Hunters' Team Axon](https://docs.hunters.ai/docs/customer-session-investigating-onenote-malware-with-hunters-team-axon.md)
- [Customer Session: Threat Hunting with Hunters' IOC Search](https://docs.hunters.ai/docs/customer-session-threat-hunting-with-hunters-ioc-search.md)
- [Raise feature requests](https://docs.hunters.ai/docs/raise-feature-requests.md)
- [Contact Team Axon](https://docs.hunters.ai/docs/contact-team-axon.md)
- [Contact support](https://docs.hunters.ai/docs/contact-support.md)
- [Hunters Documentation - Terms of Use](https://docs.hunters.ai/docs/hunters-documentation-terms-of-use.md)
- [April 2026](https://docs.hunters.ai/docs/april-2026.md)
- [March 2026](https://docs.hunters.ai/docs/march-2026.md)
- [February 2026](https://docs.hunters.ai/docs/february-2026.md)
- [January 2026](https://docs.hunters.ai/docs/release-notes-january-2026.md)
- [December 2025 - #2](https://docs.hunters.ai/docs/december-2025-2.md)
- [December 2025 - #1](https://docs.hunters.ai/docs/release-notes-december-2025-1.md)
- [November 2025 - #2](https://docs.hunters.ai/docs/november-2025-2.md)
- [November 2025 - #1](https://docs.hunters.ai/docs/november-2025-1.md)
- [August 2025](https://docs.hunters.ai/docs/august-2025.md)
- [July 2025](https://docs.hunters.ai/docs/july-2025.md)
- [May 2025](https://docs.hunters.ai/docs/may-2025.md)
- [April 2025](https://docs.hunters.ai/docs/april-2025.md)
- [March 2025](https://docs.hunters.ai/docs/march-2025.md)
- [February 2025](https://docs.hunters.ai/docs/february-2025.md)
- [January 2025 (2)](https://docs.hunters.ai/docs/january-2025-2.md)
- [January 2025 (1)](https://docs.hunters.ai/docs/january-2025-1.md)
- [December 2024](https://docs.hunters.ai/docs/december-2024.md)
- [November 2024 (2)](https://docs.hunters.ai/docs/november-2024-2.md)
- [November 2024 (1)](https://docs.hunters.ai/docs/security-research-update-1.md)
- [October 2024](https://docs.hunters.ai/docs/release-notes-029.md)
- [September 2024 (2)](https://docs.hunters.ai/docs/release-notes-028.md)
- [September 2024 (1)](https://docs.hunters.ai/docs/security-research-update.md)
- [August 2024](https://docs.hunters.ai/docs/release-notes-027.md)
- [July 2024 (3)](https://docs.hunters.ai/docs/release-notes-026.md)
- [July 2024 (2)](https://docs.hunters.ai/docs/release-notes-025.md)
- [July 2024 (1)](https://docs.hunters.ai/docs/release-notes-024.md)
- [June 2024](https://docs.hunters.ai/docs/release-notes-023.md)
- [May 2024](https://docs.hunters.ai/docs/release-notes-022.md)
- [April 2024](https://docs.hunters.ai/docs/release-notes-021.md)
- [March 2024](https://docs.hunters.ai/docs/release-notes-020.md)
- [February 2024 (2)](https://docs.hunters.ai/docs/release-notes-019.md)
- [February 2024 (1)](https://docs.hunters.ai/docs/release-notes-018.md)
- [January 2024](https://docs.hunters.ai/docs/release-notes-017.md)
- [December 2023](https://docs.hunters.ai/docs/release-notes-016.md)
- [November 2023 (2)](https://docs.hunters.ai/docs/release-notes-015.md)
- [November 2023 (1)](https://docs.hunters.ai/docs/release-notes-014.md)
- [October 2023](https://docs.hunters.ai/docs/release-notes-013.md)
- [September 2023](https://docs.hunters.ai/docs/release-notes-012.md)
- [August 2023 (2)](https://docs.hunters.ai/docs/release-notes-011.md)
- [August 2023 (1)](https://docs.hunters.ai/docs/using-threat-intel-to-prevent-false-positives.md)
- [July 2023 (4)](https://docs.hunters.ai/docs/rn-010.md)
- [July 2023 (3)](https://docs.hunters.ai/docs/rn-009-threat-clustering-release.md)
- [July 2023 (2)](https://docs.hunters.ai/docs/rn-008-improvements-to-hunters-threat-clustering-abilities-published-july-2023.md)
- [July 2023 (1)](https://docs.hunters.ai/docs/rn-007-published-july-2023.md)
- [June 2023](https://docs.hunters.ai/docs/rn-006-published-june-2023.md)
- [May 2023](https://docs.hunters.ai/docs/rn-005-published-may-2023.md)
- [April 2023](https://docs.hunters.ai/docs/rn-004-published-april-2023.md)
- [March 2023 (2)](https://docs.hunters.ai/docs/rn-003-published-march-2023.md)
- [March 2023 (1)](https://docs.hunters.ai/docs/rn-002-published-march-2023.md)
- [February 2023](https://docs.hunters.ai/docs/rn-001-published-february-2023.md)
- [January 2023](https://docs.hunters.ai/docs/improvements-to-the-automatic-investigation-process-published-january-2023.md)