RunReveal Documentation
Turn logs into answers—fast. Connect 70+ tools, investigate with AI, and detect threats in real time.
How To Guides
Step-by-step guides to get you running quickly.
Learn more about How To Guides
AI Chat
Chat with your security data using AI-powered investigations.
Learn more about AI Chat
Pipelines
Build and manage data processing pipelines.
Learn more about Pipelines
Sources
Connect 70+ tools to centralize all your security data.
Learn more about Sources
Transforms
Normalize data for consistent queries and dashboards.
Learn more about Transforms
Filtering
Powerful querying and sampling for noisy streams.
Learn more about Filtering
Detections
Manage rules with detection-as-code workflows.
Learn more about Detections
Enrichments
Add context and metadata to every event.
Learn more about Enrichments
Notifications
Configure alerts and notifications for security events.
Learn more about Notifications
Integrations
Connect with Grafana, Jupyter, and other tools.
Learn more about Integrations
Dashboards
Create custom graphs using your data.
Learn more about Dashboards
Reference
Complete API and CLI documentation.
Learn more about Reference
Bring Your Own Cloud
Deploy RunReveal in your own environment.
Learn more about Bring Your Own Cloud
Glossary
Definitions of security and technical terms.
Learn more about Glossary
Release Notes
Stay up to date with the latest updates.
Learn more about Release Notes
What Makes Us Special
Built for modern security teams with modern needs
What Makes RunReveal Special
Built for Everyone
For teams of 1 to 100,000. Every company deserves the tools to detect compromises.
Own Your Data
Built on an open-source database so you retain control—without sacrificing performance.
Customizable & Simple
Configure formats, visualizations, and enrichments—while the UI stays effortless.
Performance & Pricing
ClickHouse-powered speed with transparent pricing that beats legacy SIEMs.
How RunReveal Works
From data collection to threat detection in one seamless flow
How RunReveal Works
Sources
Collect logs from 70+ security tools via APIs, webhooks, and integrations.
Transforms
Transform and normalize data formats.
Filtering & Sampling
Filter events and sample data.
Data Storage & Search
Store, search, and analyze logs with ClickHouse.
AI Chat & MCP
Natural language queries with tool integration to investigate logs and detections.
Detections
Build and deploy security rules.
Alerting
Get notified of security events.
Reports
Daily insights and analysis.
Destinations
Backup and export data to object storage and third-party services.