Blog
Stay in the loop: Updates, Innovations, and Community Insights
Featured Articles
10x search improvement? Optimize Splunk fields with Axoflow
Sending indexed fields can make your Splunk instance run far more efficiently. This post shows how easily you can send payload- and externally-derived metadata to Splunk with Axoflow.
Beyond Cutting Cost: Why Data Quality Makes Security Pipelines Strategic
Anton Chuvakin and Tim Peacock interview Balázs Scheidler (Axoflow CEO and syslog-ng founder) about the industry’s move from centralization to data access. They discuss why poor data quality weakens SIEM value, how modern pipelines normalize and enrich data so it is ready for immediate use, and meet data quality requirements.
Axoflow’s Storage Strategy: Building the Security Data Layer
Discover Axoflow’s storage solutions for the Security Data Layer. From edge storage and cost-efficient data lakes to stream processing and air-gapped deployments, learn how Axoflow powers scalable, flexible, and reliable security data pipelines.
All Articles
%2520Comparison%25202026.png)
Security Data Pipeline Platform (SDPP) Comparison 2026: What the Seven-Platform Reviews Miss
A recent comparison of the seven leading Security Data Pipeline Platforms does a reasonable job of mapping the consolidation wave — three acquisitions, $3.8 billion, twelve months. But it leaves out two criteria that change the answer for most enterprise security teams evaluating this category in 2026-2027.
The pipeline was never the destination
Gartner's Hype Cycle for Security Operations 2026 did something I didn't expect: it removed the standalone security data pipeline from security operations. And added a new category: Security Data Lakes. That's not a coincidence. It's a market shift.
OMB M-26-14: What Federal Agencies Need to Know About the New Logging Mandate
How Federal Agencies can meet the requirements of the OMB M-26-14 logging mandate, and how Axoflow can help them to get there fast and in a cost-effective way
AxoSyslog internals: flow control, window size, queues, and batching
How AxoSyslog implements in-application ACK, flow control, memory and disk buffers, batching, and how log-iw-size interacts with batch-lines under the hood
The Data Floor Sets the AI Ceiling
AI-ready security starts with telemetry your team can trust. Learn why vendor-owned normalization, not brittle rule maintenance, sets the ceiling for AI SOC performance.
.png)
No More Parser Maintenance: Why Detection Engineering Can't Work Without a Pipeline That Keeps Up
Detection rules fail silently when parsers miss schema changes. Learn how autonomous classification keeps your fields where your detections expect them.
Message delivery guarantees in security data pipelines
How delivery guarantees, flow control, and buffers behave in security data pipelines across UDP, TCP, HTTP, gRPC, OpenTelemetry Collector, Kafka, and AxoSyslog.
Why Your AI SOC Is Only as Good as the Data Feeding It
Most enterprise security data was never designed to be machine-readable in the way that AI-driven platforms require. It was designed to be ingested into a SIEM and queried by analysts who knew how to navigate its quirks. That worked well enough in a world where humans were doing the reasoning. In an AI-native SOC, those quirks become critical defects.
Getting Data into XSIAM the Right Way: A Deep Dive with Axoflow
Discover how Axoflow's security data pipeline solves the "Getting Data In" problem for Cortex XSIAM — automating LEEF formatting, XDM normalization, and user rule creation so your security data lands clean, structured, and ready to act on.
Subscribe to stay in touch
Sign up for our newsletter to be the first to knew about new articles. We are excited to be realizing our vision above with a full Axoflow product suite.