Introduction
Skip to content

RunReveal Documentation

Turn logs into answers—fast. Connect 70+ tools, investigate with AI, and detect threats in real time.

What Makes Us Special

Built for modern security teams with modern needs

What Makes RunReveal Special

Built for Everyone

For teams of 1 to 100,000. Every company deserves the tools to detect compromises.

Own Your Data

Built on an open-source database so you retain control—without sacrificing performance.

Customizable & Simple

Configure formats, visualizations, and enrichments—while the UI stays effortless.

Performance & Pricing

ClickHouse-powered speed with transparent pricing that beats legacy SIEMs.

How RunReveal Works

From data collection to threat detection in one seamless flow

How RunReveal Works

Sources

Collect logs from 70+ security tools via APIs, webhooks, and integrations.

Transforms

Transform and normalize data formats.

Filtering & Sampling

Filter events and sample data.

Data Storage & Search

Store, search, and analyze logs with ClickHouse.

AI Chat & MCP

Natural language queries with tool integration to investigate logs and detections.

Detections

Build and deploy security rules.

Alerting

Get notified of security events.

Reports

Daily insights and analysis.

Destinations

Backup and export data to object storage and third-party services.