Results Top Bar The bar at the top of the results view has several features that will help you manage and view alerts. Sandfly Result Top Bar Res...

Viewing Results Sandfly constantly looks at your Linux hosts for signs of compromise or other suspicious activity. Anything it finds is reported as an alar...

You can delete alerts by selecting one or more of them via their checkboxes and then clicking on the Delete Selected button in the right corner of the table...

Sandfly Hunter is a way to quickly search for common pieces of threat data that may be present on your hosts. This is a powerful feature of Sandfly which ca...

Identify, track, and respond to SSH credential use and abuse SSH Hunter is a powerful tool to track SSH key usage across your Linux systems. SSH Hunter ...

Sub-Section of SSH Hunter The Key Investigation area of SSH Hunter provides information that centers around host aspects of SSH key data that is collected ...

Sub-Section of SSH Hunter The User Investigation area of SSH Hunter provides information that centers around user aspects of SSH key data that is collec...

Sub-Section of SSH Hunter The Host Investigation area of SSH Hunter provides information that centers around host aspects of SSH key data that is collec...

Scanning Hosts Manually Although Sandfly is designed to work automatically to constantly scan for threats, you can also use it to do manual spot checks to ...

Starting with Sandfly version 4.2, the Scheduler now consists of two different schedule types. The original (and default) Scan Hosts type is where scan sche...