Plugins
What is a plugin?
LogCraft CLI relies on plugins to interact with technology providers through their APIs.
A technology provider is a specific product from a software editor, for example:
- Google
ChronicleSecOps (SIEM) - Cisco Splunk (SIEM)
- Microsoft Azure Sentinel (SIEM)
- Tanium (EDR)
- Carbon Black (EDR)
- and so on
Each of these products can be integrated with LogCraft CLI through a plugin.
In short, anything that has a REST-API can be integrated with a plugin.
Where to find plugins?
Plugins are distributed separately from LogCraft CLI itself, and each plugin has its own release cadence and version numbers.
At the moment, all plugins are available in a single mono-repository at:
LogCraft Registry
We are working on a registry to ease the distribution process, stay tuned (and connect with us if you want to give a hand, LogCraft CLI and the plugins are OpenSource!!).
Missing plugin?
If you want to use LogCraft CLI with a technology that has no plugin yet, you can either request it or create your own implementation.
How to request a plugin?
To request a plugin, open a ticket in GitHub and describe the technology you want to be supported.
Give as much details as possible and include at least:
- The company name,
- The product,
- Its version (mostly for on premise software)
For example:
- Cisco, Splunk, v9.0.1
- Microsoft, Azure Sentinel
WARNING
DO NOT use abbreviated "common langage" as it may be confusing. For example, if you request 'Sentinel', we wouldn't know if you are refering to SentinelOne or Microsft Azure Sentinel, or something else.
TIP
Contact us at hello@logcraft.io if you want to learn about our premium support plans which include plugin creation
Create your own plugin
Plugins can be created in almost any programming language.
Under the hood, LogCraft CLI uses WASI/WASM to sandbox the plugins which allow you to use your preferred language (and it executes at near native speed, in a sanboxed environment. 😎)
Follow this plugin development documentation (please contribute back by publishing your plugin 🙏 ).
What kind of plugins exist?
TIP
To learn more about our Technology Partner Program, please contact partners@logcraft.io
| Tier | Description | Namespace |
|---|---|---|
| Official | Official plugins owned and maintained by LogCraft | logcraft/* |
| Partner | Partner plugins are written, maintained, validated and published by third-party companies against their own APIs. To earn a partner plugins badge the partner must participate in the LogCraft Technology Partner Program. | Third-party organization, e.g. google/chronicle |
| Community | Community plugins are published by individual maintainers, groups of maintainers, or other members of the LogCraft community. | Maintainer’s individual or organization account, e.g. johnsmith/sometech |
| Archived | Archived plugins are plugins that are no longer maintained (i.e. deprecated). | Any |