Documentation
Everything you need to install obserae, describe your network, and start investigating traffic by name. New here? Start with Installation, then the Quickstart.
Getting Started
Installation
Install with Docker or binaries and get the daemon running.
Verify a Release
Check the signature, SBOM and provenance of a download before running it.
Configuring Exporters
Configure routers, firewalls and host probes to send NetFlow/IPFIX to obserae.
Quickstart
Build a tiny cartography, add rules, send traffic and run the first queries.
Configuration
Understand every YAML key and the practical tuning recipes.
Daily Use
Web GUI
Know what each screen is for and where to click next.
CLI
Automate admin tasks and recover access from the terminal.
Cartography
Describe networks, hosts, groups and services by name.
Sessions
Understand the bidirectional conversations built from raw flows.
NFQL
Query flows, sessions, enrichment and rule matches.
NFQL Cookbook
Copy practical query patterns into the Investigation page.
Detection Rules
Model allowed connectivity and inspect what matched.
Alerting
Turn saved NFQL queries into alerts.
Outputs
Send alerts to chat, on-call, webhooks, syslog/SIEM or search platforms.
Connectors
Understand flow exporters, device connectors, enrichment sources and alert outputs.
IP Enrichment
Use cloud, threat-intel, GeoIP and ASN ranges in queries.
Lifecycle
Manage retention, storage and backups.
Monitoring
Watch ingestion throughput, pipeline saturation, memory and DB activity.