Tenzir comes with the following source operators, in alphabetical order:
Use Tenzir's REST API directly from a pipeline.
📄️ context create
Creates a new context.
📄️ context delete
Deletes a context.
Retrieves events from a Tenzir node. The dual to import.
The fluent-bit source receives events from [Fluent
Produces events by combining a connector and a format.
The load operator acquires raw bytes from a connector.
Executes a system command and hooks its stdout into the pipeline.
Returns meta information about Tenzir and nodes.
Submits VQL to a Velociraptor server and returns the response as events.