Ask AI

Use case

Data collection

Collect security telemetry from across your environment reliably and at scale, without maintaining complex scripts or stitching together multiple tools.

Start free trial
data collection v2

The challenge

Remove friction from telemetry collection

SOC and infrastructure teams are stuck endlessly deploying and maintaining agents across thousands of systems, patching, updating, and troubleshooting them. Add to that fragmented tools, inconsistent formats, and credential sprawl, and what should be simple data collection turns into an expensive, error-prone bottleneck.

The Solution

DataStream – intelligent security telemetry pipeline

Get clean telemetry in minutes

DataStream connects directly to over 50 platforms to gather security data safely and reliably. There’s no need to install additional software, restart systems, or manage complicated setups because everything works out of the box.

Start fast, stay simple

Because you don’t have to maintain anything on endpoints, you skip the hassle of patching and updates across thousands of devices. Secure integration with your existing systems makes setup fast and easy while keeping your environment protected.

Categorize at the source with Datasets

As soon as you start collecting data, it’s automatically sorted into clear groups like Windows logs, Linux logs, or user activity. This built-in organization keeps pipelines cleaner and makes compliance checks easier from the start.

Key benefits

Why this approach works

Zero deployment
overhead

Nothing to install on target systems

Cross-platform
by default

Consistent collection across mixed estates

Read-only
collection

Enterprise-grade security from the start

Built-in data
hygiene

Automatic categorization improves compliance and routing

datastream – data collection

Supported environments

One platform, no puzzle to assemble

You don’t need a patchwork of third-party collectors or separate “ingest tools.” DataStream’s agentless collection is built in, so you aren’t stitching together (and maintaining) multiple components to get data flowing.

Frequently asked questions

Do we need to deploy endpoint agents?

No, deploying an agent is not the only way to collect data. DataStream supports both agent-based and agentless deployment models. For environments where installing agents is not preferred, you can use our agentless option, which leverages secure, read-only access over WinRM/SSH and native system logging facilities. This gives you full flexibility to choose the collection method that best fits your infrastructure and security requirements.

How are credentials handled?

DataStream does not require you to enter sensitive credentials in the UI.
For Windows systems, DataStream uses Active Directory Service Accounts for secure, domain-managed authentication over WinRM.
For Linux systems, DataStream supports SSH key–based authentication, ensuring a fully secure, password-less connection. 

Both methods allow agentless collection without exposing credentials to the platform, while maintaining strong security and compliance practices. 

What makes the dataset-based approach unique?

Unlike traditional source-based collection models, our dataset approach is designed to make pipeline creation significantly easier and more intelligent. Since each dataset is already categorized, such as Windows Event Logs, Linux Audit Logs, or authentication events, you immediately know the structure and context of the data you’re working with. 

Will collection impact system performance?

Collection uses native interfaces with a minimal footprint and read-only permissions.

Get DataStream on Azure Marketplace

azure marketplace

Deploy DataStream in minutes with Azure Managed Identity support built in. No credential management, no manual setup.