Overview

Gurucul Data Optimizer is a machine-learning–driven solution designed to streamline data collection, normalization, enrichment, filtering, and routing across security and IT environments. Integrated within the REVEAL security analytics platform (or available standalone), it enables SOC teams to gain complete data visibility while reducing ingestion and storage costs by at least 40%. It handles any log or event data from any source and routes it intelligently—to SIEMs, data lakes, or low-cost storage—while offering federated search for analysts to query across both hot and cold data stores.

Features and Capabilities

• Universal data collector: Centralizes logs/events in any format from any source, with built-in connectors and custom integration options.
• Advanced ML-based parsing & normalization: Automatically converts raw security, observability, and network logs into structured formats and enriches them with context like threat intel and identity/asset linking.
• Granular filtering & reduction: Enables regex-based, priority-based, type-based, and attribute-based log filtering to eliminate noise and reduce volume—cutting data costs ≥40%, up to 87% with tuning.
• Data deduplication & sampling: Removes duplicates and samples high-volume streams to optimize pipeline efficiency.
• Flexible data routing: Forks and routes filtered data to multiple destinations—SIEM, data lakes, cold storage—with custom logic and no vendor lock-in.
• Federated search across all data: Analysts can query across hot SIEM data and cold storage without reingestion, avoiding transfer/storage costs and maintaining full visibility.
• Replay & retention control: Retains full, untouched copies of original data with on-demand replay capabilities for compliance and audits.
• Cloud-agnostic storage integration: Sends non-critical logs to low-cost cloud cold storage while keeping them searchable via federated tools.
• Seamless REVEAL Platform integration: Works natively with Gurucul’s Next-Gen SIEM, UEBA, SOAR, and Identity Analytics modules.