Sandfly Security

Sandfly Security Documentation

Welcome to the Sandfly Security documentation hub. Sandfly is an agentless compromise and intrusion detection system for Linux.

Sandfly automates security investigation and forensic evidence collection on Linux. Sandfly constantly searches for intruders 24 hours a day on your network without needing to load any agents on your endpoints.

Get Started

Quick Start Overview

Getting Started Quickly

Suggest Edits

Quick Start

Sandfly is easy to setup. Once you install the Server and Node, you just need to do the following steps outlined in the documentation:

  1. Add License Key
  2. Add Host Credentials
  3. Add Hosts
  4. Scan Hosts
  5. View Results
  6. Add Scheduled Checks
  7. Add Syslog and Email Alerts

What's Next

Quick Start Links

Adding License
Adding Credentials
Adding Hosts
Selecting Hosts to Scan
Selecting Sandflies for Scan
Results
Interpreting Results
Adding Schedule

Quick Start Overview

Getting Started Quickly

Suggested Edits are limited on API Reference Pages

You can only suggest edits to Markdown body content, but not to the API spec.