Description
Gravwell is a Security Data Platform (SDP) built to replace legacy SIEMs, empowering users to ingest and retain full-fidelity data, query anything, and scale without per-GB pricing surprises. It enables security teams to analyze data on demand using a piped query language and provides tools for threat hunting, data fusion, and big data analytics.
Features
- Unlimited data ingestion
- Unlimited retention
- Unlimited users
- Unlimited automations
- Tiered storage
- Cloud archive storage
- Configurable data retention & automatic age-out
- Search scheduler agent & built-in orchestration
- Single sign-on
- Online replication
- Region-aware redundancy
- Enhanced multi-tenancy permissions
- Distributed web frontends
- High availability search
- Web UI drag-and-drop ingester
- Compound queries for data fusion
- Pre-built dashboards with Kits
- Flows for visual automation
Use Cases
- Threat hunting with context-rich historical data
- Root-cause analysis using full PCAP and NetFlow records
- Machine learning on years of endpoint telemetry
- Insider threat detection across unstructured logs
- Real-time alerts and compliance
- Exploration, enrichment, and long-term retention
- System performance monitoring
- Anomaly detection
- Automating routine investigations
Pricing
Model
indexer-based
Starting At
Contact vendor
Details
Pricing is based on the number of indexers in the cluster. Each indexer has unlimited ingest capacity. No additional fees for data spikes or new data.
Trial / Tier
Free Trial Free Tier Available
Deployment & Platforms
CloudOn-PremiseHybrid
WindowsLinuxmacOS
Integrations
Google Cloud Platform PubSubNetFlowZeekSysmonDNSDHCPPCAPJSONVideoBinary
Target Market
Company Sizes
SMBmid-marketenterprise
Industries
Contacts
| Name | Title | Phone | Type | |
|---|---|---|---|---|
| Tim Clise | tim.clise@gravwellio | (202) 681-7087 | general |