For AI agents: visit https://docs.sandflysecurity.com/llms.txt for an index of all pages formatted in Markdown and endpoints in OpenAPI.
Jump to Content
Home
Documentation
API Reference
5.0.0
5.1.0
5.1.1
5.2.0
5.3.0
v5.3.1
v5.4.0
v5.4.1
v5.4.2
v5.5.0
v5.5.1
v5.5.4
v5.6.0
v5.7.0
v5.8.0
Log In
Documentation
Search
Log In
v5.8.0
Home
Documentation
API Reference
Sandflies
Getting Started
Sandfly Agentless Security Overview
Theory of Operation
Sandfly Scaling Guide
Installation
Installation Overview
Installation Requirements
Protected System Requirements
Standard Security vs. Maximum Security Install
Cloud Image Install
Server Install - Cloud Image - AWS
Server Install - Cloud Image - DigitalOcean
Docker Image Install
Install Container Tool
Download Setup Archive
Server Install - Docker Image
Node Install - Docker Image
Sandfly Install - Docker Compose
Sandfly Install - Kubernetes
Installing a Custom SSL Certificate
Named Queues
Quick Start
Quick Start Overview
User Interface
Login Screen
User Interface Overview
Top Bar
Threat Map
Status Graph
Sidebar
UTC/Local Time Display
Results Viewer
Results Top Bar
Viewing Results
Deleting Results
Sandfly Hunter
Hosts Management
Adding Hosts
Viewing Hosts
Updating Hosts
Deleting Hosts
Drift Detection
Drift Detection Profiles
Drift Profile Details
Drift Detection Wizard
Drift Wizard - Model Hosts
Drift Wizard - Use Case
Drift Wizard - Drift Sandflies
Drift Wizard - Building Profile
Drift Wizard - Covered Hosts
Drift Wizard - Scan Schedule
Drift Wizard - Profile Details
SSH Hunter
Security Zones
Example: SSH Security Zone
Banned Keys
Key Investigation
User Investigation
Host Investigation
Tag Workbench
AI Analysis
Adding Analysis
Viewing Analysis
Reports
Scan
Schedules
Adding Schedule - Scan Hosts
Adding Schedule - Discover Hosts
Viewing Schedule
Deactivating and Deleting Schedule
Scheduling Optimization
Response Actions
Result Response Actions
SSH Key Response Actions
Response Action Log
Jump Hosts
Host Credentials
Credentials Security
Adding Credentials
Viewing Credentials
Updating Credentials
Deleting Credentials
Sandflies
Sandfly Types
Viewing Sandflies
Activating and Deactivating Sandflies
Sandfly Auto Response
Whitelisting
Whitelisting a Sandfly
Viewing and Deleting Whitelist Entries
Settings
User Profile and Password
Adding Users
Single Sign-On (SSO)
Your License
General Settings
Threat Feeds
AI Configuration
Notifications
Adding Email Notifications
Adding Webhook Notifications
Deleting Notifications
Elasticsearch Replication
PostgreSQL Replication
Sentinel Replication
Syslog
3rd Party Applications
Logs
Audit Log
Scan Error Log
Logging Out
Custom Sandflies
Custom Sandfly Operation
Custom Sandfly Creation
Custom Sandfly Options
Rule Construction
Expr Rules for Sandfly
Upgrading
Upgrading Sandfly Docker/Podman Deployment
Administration
Special Case Node Configurations
External Credential Provider Interface
Docker Management
Run Sandfly with Podman
Run Sandfly on Non-Default Ports
Backup and Restore Guide
Log Level Change Guide
Maintenance Scripts
Hash Match Fields
Sandfly API
API Endpoint Role Security Matrix
Operational FAQ
Application Notes
Cisco NX-OS
JunOS Evolved
Tailscale SSH
Elastic Connector
Appendix
Sandfly Forensic Keyword List
Header Data
Option Data
Operating System Data
Explanation Data
File Data
Directory Data
Process Data
User Data
Log Data
Lastlog Data
(U|W|B)TMP Log Data
Cron Job Data
At Job Data
Kernel Module Data
Systemd Data
License - EULA
License - EULA
User Interface
Sandflies
Copy Page