RunReveal Documentation

Turn logs into answers—fast. Connect 70+ tools, investigate with AI, and detect threats in real time.

Step-by-step guides to get you running quickly.

Chat with your security data using AI-powered investigations.

Build and manage data processing pipelines.

Connect 70+ tools to centralize all your security data.

Normalize data for consistent queries and dashboards.

Powerful querying and sampling for noisy streams.

Manage rules with detection-as-code workflows.

Add context and metadata to every event.

Configure alerts and notifications for security events.

Connect with Grafana, Jupyter, and other tools.

Create custom graphs using your data.

Complete API and CLI documentation.

Bring Your Own Cloud

Deploy RunReveal in your own environment.

Definitions of security and technical terms.

Stay up to date with the latest updates.

What Makes Us Special

Built for modern security teams with modern needs

Built for Everyone

For teams of 1 to 100,000. Every company deserves the tools to detect compromises.

Own Your Data

Built on an open-source database so you retain control—without sacrificing performance.

Customizable & Simple

Configure formats, visualizations, and enrichments—while the UI stays effortless.

Performance & Pricing

ClickHouse-powered speed with transparent pricing that beats legacy SIEMs.

How RunReveal Works

From data collection to threat detection in one seamless flow

Sources

Collect logs from 70+ security tools via APIs, webhooks, and integrations.

Transforms

Transform and normalize data formats.

Filtering & Sampling

Filter events and sample data.

Data Storage & Search

Store, search, and analyze logs with ClickHouse.

AI Chat & MCP

Natural language queries with tool integration to investigate logs and detections.

Detections

Build and deploy security rules.

Alerting

Get notified of security events.

Reports

Daily insights and analysis.

Destinations

Backup and export data to object storage and third-party services.