The punch provides many key capabilities to design an open-source complete solution:
- Log collectors + multi-sites|room|datacenters
- Log Parsers
- Complex Event Processing Rules
- Elasticsearch and Kibana powered forensics services
- First class stream processing powered by apache Storm and Spark Structured Streaming
- First class batch processing through spark PML feature:
- machine learning
- Security and multi-tenant
- Configuration Management
The punch primary focus is to help projects deal with capacity planning and the long term maintenance of a complete stack, while benefiting from state-of-the art open source technologies.
Last, building a security siem requires more than technical features. The punch support team provides valuable assistance along with your project lifetime.