CyRay’s KeepAlive Service


Mobula Keep-Alive is an essential service designed to ensure the seamless operation of SIEM (Security Information and Event Management) connectors and the overall functionality of the Mobula Platform. With its advanced monitoring capabilities, Mobula Keep-Alive constantly assesses the status of connectors and critical processes, providing real-time alerts whenever a connector or process fails to report.

In today’s rapidly evolving threat landscape, organizations heavily rely on SIEM systems to detect and respond to security incidents. SIEM connectors serve as the vital link between various data sources and the SIEM platform, enabling the ingestion of logs and events for analysis. However, any disruption or malfunction in these connectors can lead to a significant gap in security monitoring, potentially exposing organizations to undetected threats.

The Mobula Keep-Alive service diligently monitors the functionality of SIEM connectors, ensuring their continuous operation. By constantly tracking the reporting status of connectors, it identifies any instances where a connector fails to transmit data to the SIEM platform. This could be due to technical issues, network interruptions, misconfigurations, or other factors that may impede the normal functioning of the connectors.

Additionally, Mobula Keep-Alive extends its monitoring capabilities to critical processes within the Mobula Platform itself. This includes the core components responsible for data ingestion, processing, correlation, and alert generation. By continuously checking the health and functionality of these processes, it ensures that the Mobula Platform is operating optimally and capable of delivering accurate and timely insights.

When Mobula Keep-Alive detects a connector or process that is not reporting or functioning as expected, it immediately generates real-time alerts. These alerts can be configured to notify security teams, administrators, or designated personnel, allowing them to promptly investigate and address the underlying issue. By providing proactive notifications, Mobula Keep-Alive enables organizations to minimize potential downtime, identify and resolve issues swiftly, and maintain the effectiveness of their security monitoring infrastructure.

Key Features of Mobula Keep-Alive:

– Real-time monitoring of SIEM connectors and critical processes within the Mobula Platform.

– Continuous assessment of connector reporting status to detect failures or disruptions.

– Alert generation and notification when connectors or processes are not functioning as expected.

– Customizable alert configurations to suit organizational requirements.

– Enables prompt investigation and resolution of connector or process issues to maintain uninterrupted security monitoring.

With Mobula Keep-Alive, organizations can rest assured that their SIEM connectors and Mobula Platform are operating reliably and continuously. By proactively identifying and addressing potential issues, this service enhances the overall security posture and strengthens incident response capabilities.

More to explorer

New Deployed Rules

NTFS:   1. Volume Shadow Copy Mount PowerShell Script   2. Code Executed Via Office Add-in XLL File   3. Potential Invoke-Mimikatz PowerShell Script   4.

New Deployed Rules

MSMQ:    1. MSMQ Corrupted Packet Encountered Network Share Object:    2. Protected Storage Service Access   3. Possible Impacket SecretDump Remote Activity

Sign up for our newsletter

Time to market

One-day SIEM integration