Skip to main content
Affinity/Documentation
Español

Getting Started

  • What is Affinity
  • Sign In
  • Your First 15 Minutes
  • Navigation Map

Integrations (Admin)

  • Integration List
  • Create Integration
  • Start Ingestion
  • Secrets

Logs (Analyst)

  • Overview
  • SQL Queries
  • Search & Export
  • Analytics Mode
  • Share Queries
  • Create Rule from Logs

Alerts (Analyst)

  • List & Filters
  • Details & Management
  • Full View

Detection & Notifications (Admin)

  • Detection Rules
  • Notification Channels

Incident Response (Analyst)

  • Extract IOCs
  • Query IOCs in Logs
  • Export Results

Usage Analytics

  • Ingestion Metrics

Administration

  • User Management

Troubleshooting

  • Common Issues

Reference

  • Glossary
  • Integration Catalog
  • FAQ
  • Step-by-Step Guides

Glossary

Analyst | Administrator5 min

What it's for

Quick reference for terms used in documentation and the Affinity interface.

Terms

  • Alert — Security event generated by a rule.
  • Detection Rule — Scheduled query that generates alerts.
  • Integration — Connection to a log source.
  • Secret — Securely stored credential.
  • Notification Channel — Destination (Slack, Discord, etc.) for alerts.
  • IOC — Indicator of compromise (IP, domain, hash…).
  • Query — SQL search over your logs in Affinity.
  • Ingestion / Enqueue — Process of bringing logs into the platform.
  • Analyst — User who investigates alerts and logs.
  • Administrator — User with Management access.
Previous

Common Issues

Next

Integration Catalog