Monitor network traffic for signs of suspicious behavior

Monitor Fastly logs to gain complete visibility into your network traffic with Panther’s Fastly integration.

Fastly access logs contain information about each client request handled by the Fastly CDN. This includes the files accessed, how your service responded to the request, the client's browser and IP address, and more. Panther can collect, normalize, and monitor Fastly logs to help you identify suspicious activity in real time. Your normalized data is then retained to power future security investigations in a serverless data lake powered by AWS or the cloud-native data platform, Snowflake.

Use Cases

Common security use cases for Fastly with Panther include:

  • Track user behavior and easily identify patterns of suspicious activity
  • Monitor for bot traffic and spot anomalies in user patterns
  • Monitor for activity that might indicate a DDoS attack

How it Works

The integration is simple and fast:

  • Send your Fastly logs to an S3 bucket using Fastly's native integration
  • Add your S3 bucket as a data source in Panther
  • Panther parses, normalizes, and analyzes your log data in real time
  • As rules are triggered, alerts are sent to your configured destinations
  • Normalized logs can be searched from Panther’s Data Explorer
  • Sit back and monitor your activity!

Learn more about Panther's supported log schema for Fastly.