Astral Agent

The Astral Agent is the monitoring and data collection component of the Astral SIEM. It is responsible for gathering security-relevant information from the environment and forwarding it to the Astral ingestion pipeline for analysis and correlation.

The Astral Agent operates on monitored systems and infrastructure, enabling collection of data from operating systems, applications, log files, network traffic, and other supported sources. It supports multiple collection methods, including file-based monitoring, operating system event collection, network monitoring, and integration with external services, ensuring broad and flexible coverage across different environments.

In addition to data collection, the Astral Agent performs initial processing tasks such as event formatting and secure transmission. This ensures that data is reliably delivered to Astral components while preserving integrity and consistency.

By acting as the primary bridge between the environment and the Astral SIEM, the Astral Agent enables continuous visibility and timely detection of security-relevant activity. All data collected by the agent feeds directly into Astral’s analysis, correlation, and response workflows, supporting end-to-end security operations within the Inopli ecosystem.