Monitoring Tenzir nodes is easier than before with Tenzir v4.18 and its new health metrics.
Tenzir v4.17
The new Tenzir v4.17 brings an integration with Azure Log Analytics and adds support for expiring entries in lookup tables.
An Intern's Reflection
I spent the past twelve weeks interning at Tenzir and am excited to share my experiences.
Tenzir v4.16
Pipelines now connect more flexibly than ever before with Tenzir v4.16 and its upgraded publish and subscribe operators.
Tenzir v4.15
Tenzir v4.15 is now available for download. The Tenzir Platform now shows live-updating pipeline activity, and the Tenzir Node has improved support for subnet keys in lookup tables, and installs natively for RedHat Linux and its derivatives.
Tenzir v4.14
Introducing Tenzir v4.14: A major update to the summarize operator with new aggregation functions, and support for slicing with strides.
Tenzir v4.13
We've just released Tenzir v4.13, a release focusing on stability and incremental improvements over the feature-packed past releases.
Tenzir v4.12
We are thrilled to announce Tenzir v4.12, a feature-packed release introducing numerous enhancements. Notable additions include list unrolling, event deduplication, and the deployment of advanced pipeline architectures with publish-subscribe. We've also added a download button, extended support for UDP, and implemented many other refinements to improve your experience.
Reduce Cost and Noise with Deduplication
In the bustling world of data operations, handling large volumes of information is an everyday affair. Each day, countless bytes of data move around in systems, challenging organizations to maintain data accuracy, efficiency, and cost-effectiveness. Amid this vast data landscape, one concept has emerged as a critical ally—deduplication.
Tenzir v4.11
Our latest v4.11 release delivers powerful automation features, such as scheduling pipelines in a given time interval and sending pipeline data as emails.
Tenzir v4.10
Today, we're releasing Tenzir v4.10, which improves how Tenzir integrates with modern deployment practices.
Tenzir v4.9
We're thrilled to announce the release of Tenzir v4.9, enhancing the Explorer further to empower you with the capability of rendering your data as a chart.
Introducing Office Hours
Tenzir v4.8
Hot off the press: Tenzir v4.8. This release is filled with goodness.
Switching Fluent Bit from JSON to MsgPack
We re-wired Tenzir's fluent-bit operator and introduced a significant performance boost as a side effect: A 3–5x gain for throughput in events per second (EPS) and 4–8x improvement of latency in terms of processing time.
Tenzir v4.7
Tenzir v4.7 brings a new context type, two parsers, four new operators, improvements to existing parsers, and a sizable under-the-hood performance improvement.
Contextualization Made Simple
How would you create a contextualization engine? What are the essential building blocks? We asked ourselves these questions after studying what's out there and built from scratch a high-performance contextualization framework in Tenzir. This blog post introduces this brand-new framework, provides usage examples, and describes how you can build your own context plugin.
Tenzir v4.6
Tenzir v4.6 is here, and it is our biggest release yet. The headlining feature is the all-new context feature, powered by the context and enrich operators and the new context plugin type.
Enrichment Complexity in the Wild
Enrichment is a major part of a security data lifecycle and can take on many forms: adding GeoIP locations for all IP addresses in a log, attaching asset inventory data via user or hostname lookups, or extending alerts with a magic score to bump them up the triaging queue. The goal is always to make the data more actionable by providing a better ground for decision making.
This is the first part of a series of blog posts on contextualization. We kick things off by looking at how existing systems do enrichment. In the next blog post, we introduce how we address this use case with a pipeline-first mindset in the Tenzir stack.
Tenzir v4.5
Here comes Tenzir v4.5! This release ships a potpourri of smaller improvements that result in faster historical query execution and better deployability.