CyVectors EventLog Sentry – Windows Security Log AI Analysis

Monitor the Events That Matter with Embedded ONNX AI
Reports important Windows event log event IDs from the endpoint it is monitoring to the SIEM as syslog.

Embedded AI

Sensor Operations

• Problem: Critical Windows security events (failed logins, privilege changes, Kerberos errors) often drown in log volume and go unnoticed.

• Solution: EventLog Sentry monitors configured Event IDs, cleans messages, tracks first/last seen, counts, and rates, then enriches with AI anomaly scoring and syslog export.

• Why Different: Embeds ONNX AI models for adaptive thresholds, anomaly detection, and autonomous learning; supports JSON syslog, registry-driven config, and agentic AI updates every 15 minutes.

• Syslog Output Fields: Timestamp, Sitename, Host, Service, Event ID, Flags (e.g., Login Success, User Created, Locked Out), Count, Rate (/min), Duration, Threat Score, Anomaly Flag, Recommended Action.

Host Resource Requirements

  • CPU: < 1%

  • Memory (RAM): < 50MB

  • Disk: < 1MB per day log writes

  • Network: < 1KB/s syslog traffic
