Log Forwarding

Enriched logs from edge decision to analysis

Stream request logs enriched with identity decision, certificate state, TLS path, bot and cache signals to your SIEM, object store, or observability pipeline.

Get Started See Access Signals

Log forwarding workflow showing request enrichment with identity, certificate state, encrypted path, cache and bot fields before forwarding to SIEM and analysis tools.

From Edge Decision to Searchable Evidence

Real-time Event Stream

Each request event is forwarded immediately, so operations teams can investigate incidents while access, TLS, cache, and threat context is still current.

Enrichment in-line

Logs carry identity outcome, certificate status, TLS policy, encrypted path details, bot classification, and cache state as one cohesive request record.

Destination Flexibility

Forward to S3, Azure Sentinel, Azure Monitor, Google Cloud Observability, or HTTP endpoints without rebuilding your analysis workflow.

Preserve Full Request Context in One Pipeline

Peakhour turns isolated edge signals into a single event stream so investigators can trace what happened without stitching together separate tools.

Access decisions, TLS status, cache outcomes, and bot intelligence stay tied to the same request as it moves from edge handling to downstream analysis.

Logging visibility diagram showing complete request context retained through enriched forwarding.

Log forwarding destination diagram showing enriched request events delivered to SIEM and analytics endpoints.

Deliver the Same Evidence to the Tools Your Team Already Uses

The forwarding path keeps data intact from pipeline to destination, so SIEM and observability teams see the same enriched request facts used at the edge.

This makes incident triage, compliance reporting, and threat hunting consistent across platform operations and security workflows.

Dashboard Evidence Confirms the Stream is Actionable

Concept diagrams establish the forwarding model. Dashboard telemetry then verifies that enriched log data is flowing, searchable, and usable during live operations.

Ingress Event intake Confirm forwarded request volume

Context Signal coverage Validate identity, TLS, and bot fields

Operations Investigation readiness Use live evidence for incidents

Log forwarding dashboard showing enriched request events and operational telemetry for investigation workflows. — Production evidence

Live forwarding visibility

Unified request context

Ready SIEM analysis

Teams can move from edge decision to destination analysis without losing request context or relying on delayed batch exports.

Explore Related Platform Features

Edge Access

Evaluate application requests with identity-aware access control.

Learn More

TLS Encryption

Track certificate state and encrypted transport across the edge path.

Learn More

Transform Your Log Analysis

Peakhour Log Forwarding moves enriched request evidence into the systems your operations and security teams already use for investigation, compliance, and response.

Get Started → Learn More

Log analysis destination panel showing enriched event fields forwarded to SIEM, object storage, observability tools, and incident analysis.

Relevant information from our blog

IP Threat Intelligence

Discover and block threats through data enrichment using managed IP reputation lists.

An Overview of JA4+ Network Fingerprinting and Its Implications

An in-depth exploration of the JA4+ network fingerprinting method, its applications, and its role in cybersecurity.

A Risk Based Approach To Vulnerability Scoring

An in-depth exploration of EPSS, its data-driven approach to assessing cybersecurity threats, and how it complements CVSS.