Real-Time Alert, Log & Metric Event Correlation

thatDot Connect accelerates security service development and incident investigations while significantly filtering the volume of logs you need to analyze. Only thatDot Connect finds patterns and anomalies in your alerts, logs, and metrics with historical data over any time window.

security event correlation

Real Time Streaming ETL

Real-Time Streaming ETL

Transformation streaming data as it is ingested, define new operations in minutes, and apply changes to past data as well.

Real time Event Correlation

Real-time, continuous, correlation of alerts, logs and metrics, across all your monitoring and system sources.

Data Lineage

Data Lineage

Instant access to every version of your data, for any timeframe, without having to replay data.

Standing Queries

Standing Queries

Queries that execute against data streams, and data history, in real-time.

Streaming Anomaly Detection

Real-time identification of novel behavior.  Filter logs to what matters!

Categorical Data

Categorical Data

Analyze categorical and statistical data for patterns and anomalies.

Infinite Database Size

Active and dynamic management of the graph data model across in-memory and persistent data stores.


GUI based filtering and exploration of user sessions that generalist can use, and APIs for integration into your dashboards and tools of choice.

Massive Scale

Distributed processing of ingestion, analysis, queries, indexing and historical change tracking.

Enable Real-time Security Analysis With Alert, Log And Metric Event Correlation

Use Case Highlight

Correlation of Firewall Alerts and Network Logs

Investigating WAF alerts are an essential part of a corporate security practice, but correlating alert events to CDN/network logs, and then tracing activity back to users and potentially affected systems is time consuming work.  thatDot instantly finds and correlates all your WAF alerts, CDN/Network logs and application server logs, to provide a complete view of flagged events.