Getting Started

Get up and running with logcannon.com in minutes

1

Configure Your Target

Set up your SIEM target in Settings. You can configure multiple target profiles for Splunk HEC or Elasticsearch. Each profile stores connection details securely and can be selected when processing logs.

2

Select from Catalog

Browse the catalog to find log samples by type, category, or search terms. The catalog provides access to a curated collection of real-world log samples, pre-processed and ready to use. Select a log entry to view its metadata and insert it directly into your SIEM.

3

Process and Send

Once selected from the catalog, your logs are processed and normalized. Choose your target profile and send the logs to your SIEM. You can control timestamp behavior (preserve original, use current time, or relative replay) and batch size for optimal performance.

4

View Logs in Your SIEM

Once the logs have been sent, you can view them in your SIEM platform. Logs maintain their original structure and field names where possible for maximum compatibility.

+

Upload Your Own Logs (Advanced)

For more advanced users, you can upload your own Windows Event Log (EVTX) files directly through the web interface. Currently, we support Sysmon logs. The system will automatically detect the log type from your file.