To create a new RunReveal account, click "Get Started", and sign into RunReveal using one of the third party OAuth providers.
Once you create an account, you'll need to create a source. The sources page will load and you can connect one of the 4 sources or click "Show all sources" to explore all the sources RunReveal supports:
Add your first source
When you create a source, you'll be prompted for a few key things.
Source Settings. This contains all the necessary configuration to ingest your data. Source settings will each be specific to the type of data you ingest. For API Polling Source, we'll need an API key to interact with the API. For S3 sources, we'll need a bucket name and IAM configuration to read from the S3 bucket. And lastly for webhook sources, we'll provide you a URL that you'll set within the cloud provider that we receive data from.
Detection and Analytics Packs. These are pre-made detections and visualizations that we'll connect to your source as soon as your source is created. You can always add these after the source is made, and if they are grayed out it means you've already added the pack to your account.
Health Checks. We'll notifiy you as soon as your source becomes "unhealthy". These can be configured to a specific amount of time, but has a minimum time of 1 hour since it's common that data delays in cloud providers would make a lot of false positives at values lower than 1 hour.
You're now detecting threats, visualizing useful information from your logs, and able to search your logs with the most powerful log search ever made.