
Sandfly Security Documentation

Welcome to the Sandfly Security documentation hub. Sandfly is an agentless compromise and intrusion detection system for Linux®.

Sandfly automates security investigation and forensic evidence collection on Linux. Sandfly constantly searches for intruders 24 hours a day on your network without needing to load any agents on your endpoints.

Please use https://help.sandflysecurity.com/ for all of your customer support needs.


Linux® is the registered trademark of Linus Torvalds in the U.S. and other countries.


Getting Started

  • Sandfly Agentless Security Overview
  • Theory of Operation
  • Sandfly Scaling Guide

Installation

  • Installation Overview
  • Installation Requirements
  • Protected System Requirements
  • View More…

Quick Start

  • Quick Start Overview

User Interface

  • Login Screen
  • User Interface Overview
  • UTC/Local Time Display
  • View More…

Custom Sandflies

  • Custom Sandfly Operation
  • Custom Sandfly Creation
  • Custom Sandfly Options
  • View More…

Upgrading

  • Upgrading Sandfly

Administration

  • Special Case Server Configurations
  • Special Case Node Configurations
  • External Credential Provider Interface
  • View More…

Application Notes

  • Tailscale SSH
  • JunOS Evolved
  • Cisco NX-OS
  • View More…

Appendix

  • Sandfly Forensic Keyword List

License - EULA

  • License - EULA