Built for compliance with Thailand's Computer Crime Act §26

Centralize every log
from every device — intelligently

SRAN Metalog is a single Log Management Platform that ingests, stores, searches, and analyzes logs from every source in your environment — Windows Event Log, Syslog, network appliances, applications, and more — on one fast, secure, and cost-efficient architecture.

Start free trial → See how it works
sran.metalog · /overview · live
SRAN Metalog — Overview dashboard
Supports 20+ log source formats out of the box
Windows Event Log Syslog (RFC 5424) Linux rsyslog Cisco / Fortinet Suricata / Zeek Honeypot Kubernetes SNMP Trap (v1/v2c/v3)
/ Features

Built for everything Operations, Security, and Compliance teams need

Shaped by real-world experience running infrastructure in regulated industries — easy to install, easy to operate, scales with your organization.

Multi-Source Ingestion
Receive Syslog, Windows Event Log, JSON, and file-based logs from network appliances, servers, and applications concurrently on a single listener.
SNMP Trap Receiver
Native SNMPv1 / v2c / v3 trap listener on UDP/162 ingests unsolicited alerts from switches, routers, firewalls, UPS, printers, and environmental sensors. Bundled MIB resolution translates numeric OIDs into human-readable events (linkUp, linkDown, coldStart, authFail) before they hit the index — so you can search "interface=Gi0/24" instead of decoding ".1.3.6.1.2.1.*" by hand.
Zstd Compression — 90% smaller
Streaming Zstandard compression cuts storage by 90% on average, with per-file SHA-256 hashes for tamper-evident integrity.
Millisecond Search
DuckDB-backed indexing returns results across millions of historical records in under a second, with shareable saved queries for your team.
Real-time Alerting
Build alert rules from MITRE ATT&CK techniques, thresholds, or patterns. Deliver to Email, Webhook, LINE Notify, or downstream Syslog.
Forwarding & Cluster
Forward logs downstream to existing SIEMs with built-in buffering that survives network outages, and run multi-node clusters for high availability.
Enterprise Authentication
Local accounts with TOTP 2FA, LDAP / Active Directory, and OAuth 2.0 (Google, Microsoft, GitHub) — backed by a full per-user audit trail.
/ Benefits

Lower cost, stronger security, painless compliance

01
90%
smaller log footprint

Cut your storage spend

With Zstd compression, 1 TB of raw logs compresses to ~100 GB. Keep 90 days of history on a single disk — no extra NAS investment required.

02
§26
Computer Crime Act

Aligned with Thai regulation

Retain logs for 90+ days per statute, with tamper-evident hashing and a downloadable audit trail your inspectors can verify in seconds.

03
< 1s
to search 1M records

Respond to incidents faster

SOC analysts pivot through historical logs in seconds during an active incident — shorter MTTR, smaller blast radius, fewer escalations.

04
100%
end-to-end visibility

See every signal in one place

Endpoint, network, application, and honeypot logs converge in a single index — giving you the complete attack story rather than scattered fragments.

/ How it works

From ingestion to dashboard in 4 streaming stages

Everything runs as continuous streams — no batch waits. Logs arriving now show up on the dashboard within seconds.

01
Ingest
Listeners accept UDP / TCP / TLS Syslog, Windows Event Log forwarders, SNMP traps on UDP/162, and files via rsyslog imfile.
02
Compress & Hash
Streams are Zstd-compressed in memory, written to disk as .metalog files, and registered with a SHA-256 hash.
03
Index
A background indexer scans new files every 30 seconds, splits records into DuckDB, and auto-extracts key fields.
04
Display & Alert
Dashboards update live; the alert engine evaluates rules every 60 seconds and the forwarder ships events to downstream destinations.
/ Product Tour

A look inside — actual screens from the running platform

These are not mockups. Every screen below is captured straight from the product UI — same dashboards your operators will use after install.

sran.metalog · /hosts
Log Sources — Hosts
sran.metalog · /query
Search — flexible log query
sran.metalog · /raw
Archive — raw .metalog files by date
sran.metalog · /reports
Reports — EPS, storage, top hosts
sran.metalog · /monitor
System Monitor — CPU, RAM, disk, services

Ready to rethink the way your organization handles logs?

Try SRAN Metalog free for 30 days — no credit card required. Our team will help with installation and basic operator training.

Request a Demo → See all features
/ Contact

Talk to us — from sizing to production rollout

Address

SRAN CyberTech
48/6 ซอยแจ้งวัฒนะ 14 แขวงทุ่งสองห้อง
เขตหลักสี่ กรุงเทพมหานคร 10210

Phone

02-982-5445
02-982-5454
063-080-5004

Email

info@sran.net

Connect

Distribution Partner

บริษัท ทูนาเบิล โปรเจค จำกัด

Phone
+66 094-179-8888
Email
info@tunableproject.com
Website
web.tunableproject.com