Documentation

The central command center providing a high-level overview of your entire network infrastructure.

• Stats Overview: Check the high-level cards at the top of the dashboard. 'Total Logs' shows the entire ingestion count, while 'Active Devices' shows exactly how many collectors are online right now.
• Activity Trends: Use the visual charts to spot anomalies quickly. If there's a huge surge in logs, it might indicate an ongoing attack or system failure.
• Device Status: Scroll to the Device Status grid view. Here you can see every single collector, its IP address, and an active heartbeat signal. Red means the device has lost connection.
• Deep-Dive Links: Click on any summary card to automatically navigate to the deep-dive analytics module for that specific log category.

Engineered for forensic analysis, allowing you to query millions of logs in seconds.

• Querying Logs: Enter your search terms into the main search input. You can type specific file names, usernames, or error codes (e.g., 'failed password').
• Filtering by Date & Severity: Use the sidebar to pick a specific date range. Below that, check the boxes for severity thresholds like 'Error' or 'Critical' to only see major issues.
• Applying Granular Filters: If you want logs from a specific server, type the device name or IP in the Device filter. You can also filter by specific users.
• Exporting Results: Once you've narrowed down your search, click the 'Export' button on the top right. Select CSV or PDF to download the results for compliance or reporting.

Pre-summarized insights categorized by system behavior and user interactions.

• User Activity: Navigate to the 'User Activity' tab to see what users are doing on the NAS. This tracks regular logins and administrative settings changes.
• Sign-ins Tracking: Go to the 'Sign-ins' section to see a list of authentication attempts. Pay special attention to 'Failed' login attempts which could signal a brute force attack.
• File Operations: The 'File Operations' module details every file create, read, update, or delete action. Use this to track down exactly who modified a sensitive document.
• Time-Based Trends: Use the time toggle at the top of the screen (24h, 7d, 30d) to expand the charts and see historical trends rather than just current data.

Proactive notification system designed to highlight critical security incidents.

• Reviewing Alerts: Go to the Alerts page to review real-time notifications. These are categorized by severity levels. Critical alerts are highlighted in red.
• Investigating an Alert: Click on any alert in the table to open its detailed view. This will show you exactly which log triggered the alert and the device it originated from.
• Marking as Read: Once you have addressed an alert, click the 'Mark as Read' button or the checkmark icon. This moves it off your active queue but keeps it in history.
• Filtering Alerts: Use the status toggle to switch between 'Unread' (active issues) and 'All' (historical issues) to manage your daily workflow.

Official documentation for stakeholders, including user behavior and system health audits.

• Selecting Report Type: Navigate to the Reports module. Choose either a 'User Activity Report' for detailed user logs, or an 'Activity Calendar' for a day-by-day heat map.
• Defining Parameters: Use the date picker to choose the exact timeline for the report. Then select the specific user or device you want to run the report on.
• Generating and Reviewing: Click 'Generate'. The system will compile the data and show you a preview of the report directly in the dashboard interface.
• Export Options: Click 'Export PDF' or 'Export Excel' to download a beautifully formatted, official document that you can hand to stakeholders or auditors.

Hardened monitoring for sensitive directory paths such as HR, Finance, or intellectual property.

• Configuration: First, in your machine's collector settings, define the exact directory paths (like 'C:/Finance' or '/var/www') that you want to monitor.
• Monitoring Access: In the Synalyzer dashboard, go to the Secure Folders module. Here you'll see a dedicated feed of only the logs associated with your protected directories.
• Intruder Detection: If an unauthorized user or IP interacts with a monitored folder, this module automatically flags the event as an 'Intruder' and triggers an alert.
• Reviewing the Log Trail: Click on any file operation event to see the exact timestamp, the user account involved, and whether they read, modified, or deleted the file.

Deception-based detection strategy to trap internal or external threats silently.

• Creating a Bait File: Create a fake, highly enticing file on your servers — for example, 'root_passwords.txt'. Put it somewhere an intruder would look, but regular employees wouldn't.
• Setting up the Trap: In the Synalyzer collector configuration for that device, specify the path to your new bait file as a Honeypot trap.
• Silent Monitoring: The Honeypot module monitors that file silently. Legitimate users have no reason to touch it, so any interaction is a guaranteed threat.
• Immediate Escalation: If the file is opened or copied, an immediate Critical Alert is fired, and the Honeypot dashboard will show you the exact IP and user account of the intruder.

Administration hub for all hardware and collectors reporting into the system.

• Viewing Inventory: Go to Device Management to see your complete inventory of log collectors across the NAS. The grid shows their IP addresses, names, and assigned groups.
• Checking Health Status: Look at the 'Last Heartbeat' column. A green indicator means the device is actively sending logs. Red means it has gone offline.
• Registering a New Device: Click 'Add Device'. Fill in the details for the new server or collector. The system will generate a unique registration key for that collector to use.
• Configuration Updates: Click on a device in the list to edit its settings, such as changing its IP, updating its name, or tweaking how often it polls for logs.

Security governance and user management for the Synalyzer platform itself.

• Managing Users: Go to the Administration page to see all accounts that have access to the Synalyzer dashboard. You can create new accounts or disable old ones.
• Role Assignment: When creating a user, assign them a specific Role (e.g., Viewer, Operator, Super Admin). This principle of least privilege ensures they only see what they need to.
• Audit Logging: The System Audit Log shows what your administrators are doing inside the dashboard — such as if an admin edits another user's permissions or deletes an alert.
• Revoking Access: If an employee leaves, simply click 'Deactivate' next to their name. Their access is revoked instantly, keeping the platform inherently secure.

System-wide metadata, activation details, and company branding settings.

• Verifying Your License: Navigate to the Profile page. Here you can see your current Activation Key, the date it started, and precisely how many days until it expires.
• Checking Technical Settings: The profile view also displays the port number your analyzer engine is actively listening on.
• Capacity Monitoring: Review your 'Device Usage' bar. It shows how many devices you currently have registered out of your maximum licensed capacity.
• Company Details: View your registered company details to ensure your official branding and contact information match your deployment records.