Logpresso Sonar is a security information and event management platform that collects, analyzes, and visualizes security logs from various sources. The platform uses AI and machine learning models to detect unknown threats including web attacks, fileless malware, DNS tunneling, DGA domains, phishing domains, and data exfiltration. The platform provides real-time log collection capabilities through multiple protocols including syslog, SNMP, sflow, netflow, and IPFIX. It can collect logs from databases, FTP, SSH, SFTP, Hadoop, and HTTP REST APIs. Agents are available for Windows, Linux, AIX, HP-UX, Solaris, and any operating system supporting JDK7 or above. Logpresso Sonar features a pivot table interface for analyzing large datasets through drag and drop operations, eliminating the need for complex query syntax. The platform includes a schema-less storage engine and vectorized query engine designed to provide performance improvements for real-time drilldown analysis without requiring summary indexes or materialized views. Users can build and deploy custom AI models for threat hunting. The platform supports customizable dashboard widgets with input controls and drilldown events. It offers over 200 out-of-the-box integrations with security solutions and applications.