Gravwell Security Data Platform

Gravwell Security Data Platform is a security data platform that provides log analysis, metrics collection, and security monitoring capabilities. The platform operates as a structure-on-read data lake that ingests data sources in their raw form without requiring normalization at ingest time. It supports various data types including PCAP network captures. The platform uses an analytics pipeline query language that allows queries to evolve as environments change, with questions not needing to be predetermined at ingest time. The system is designed to handle large data volumes with an indexer-based pricing model that does not charge based on data ingestion volume. Gravwell can be deployed in on-premises, cloud, or hybrid environments. The platform includes AI-powered log analysis capabilities through Logbot AI. Installation and updates are performed through standard package management commands. The platform offers multiple editions: Community Edition for small commercial projects, Pro Edition for single business units, Enterprise Edition for critical environments and enterprise SOCs, and Cloud Edition for outsourced hosting and maintenance. Each customer receives access to a dedicated support expert through the mission support program. The system stores data in its raw form on disk and provides analytics capabilities for security operations, threat hunting, and incident investigation across cyber, IT, and OT environments.