Jump to Content

Home Documentation API Reference

Documentation

WTMP Log Data

Getting Started

Sandfly Agentless Security Overview
Theory of Operation
Sandfly Scaling Guide

Installation

Installation Overview
Installation Requirements
Protected System Requirements
Standard Security vs. Maximum Security Install
Cloud Image Install
- Server Install - Cloud Image - AWS
- Server Install - Cloud Image - Digital Ocean
Docker Image Install
- Server Install - Docker Image
- Node Install - Docker Image
Named Queues
Installing a Custom SSL Certificate

Quick Start

Quick Start Overview

User Interface

Login Screen
User Interface Overview
UTC/Local Time Display
Results Viewer
Sandfly Hunter
Hosts Management
SSH Hunter
Reports
Scan
Schedules
Notifications
Jump Hosts
Host Credentials
Sandflies
Whitelisting
- Whitelisting a Sandfly
- Viewing and Deleting Whitelist Entries
Result Profiles
- Example: Drift Detection
Settings
Logs
- Audit Log
- Scan Error Log
Logging Out

Custom Sandflies

Custom Sandfly Operation
Custom Sandfly Creation
Custom Sandfly Options
Rule Construction
Expr Rules for Sandfly

Upgrading

Upgrading Sandfly

Administration

Special Case Server Configurations
Special Case Node Configurations
External Credential Provider Interface
Docker Management
Run Sandfly with Podman
Backup and Restore Guide
Log Level Change Guide
Maintenance Scripts
Hash Match Fields
Sandfly API
API Endpoint Role Security Matrix
Operational FAQ

Application Notes

Tailscale SSH
JunOS Evolved
Cisco NX-OS
Cisco IOS-XR

Appendix

Sandfly Forensic Keyword List

License - EULA

License - EULA

WTMP Log Data

Page Deprecated

As of Sandfly version 5.3.0, This page has been deprecated and its content moved into (U|W|B)TMP Log Data.

Updated 5 months ago

Table of Contents
- Page Deprecated