# Data Ingestion Astral’s data ingestion capability is designed to collect and process security information from a wide range of heterogeneous sources, ensuring broad visibility across the organization’s digital environment. It supports the ingestion of logs, events, and security signals generated by infrastructure components, operating systems, applications, cloud services, identity platforms, and other security controls. This multi-source approach allows Astral to operate as a centralized point for security data, regardless of the origin or format of the information. In addition to log-based sources, Astral also ingests data derived from network activity. Through the Inopli Agent, the platform is capable of monitoring network traffic and extracting relevant metadata that supports intrusion detection and behavioral analysis. Rather than relying solely on payload inspection, Astral focuses on traffic characteristics, communication patterns, and contextual indicators that can reveal malicious or anomalous activity within the network. Once data is collected, Astral applies a unified processing pipeline to **analyze, interpret, normalize, and correlate events originating from network traffic metadata and logs from different sources**. This process converts raw, unstructured inputs into a consistent and enriched data model, enabling meaningful correlation across otherwise disconnected signals. Normalization ensures that events from distinct technologies can be analyzed together, while correlation links related activities into coherent security narratives. By combining ingestion from diverse log sources with network-level visibility, Astral provides a comprehensive foundation for security analysis and detection. This integrated ingestion model ensures that both internal system activity and network behavior contribute to a consolidated view of the environment, supporting accurate detection, contextual understanding, and effective downstream response within the Inopli ecosystem. --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.inopli.com/astral/data-ingestion.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.