Welcome to Zentral

Zentral

Zentral is an open-source hub for endpoint protection.

Extensions are available for many agents, to deploy and configure them, and to collect, normalize and process the events they generate.

Connectors exist for device management solutions, to track inventory changes, and if possible, dynamically change group assignments.

Events are stored in Elasticsearch. They can be forwarded to third party SIEMs.

Filters can be configured to display events, and trigger actions outside of Zentral.

Quick start

You can deploy it on your machine with Docker, or start a cloud instance from our custome Zentral all in one images on AWS or Google Cloud Platform.

Supported agents

  • Filebeat
  • Munki
  • Osquery
  • Santa
  • Xnumon

Inventory sources

  • Filewave
  • Jamf
  • Puppet
  • Watchman

Event stores

Actions

  • Inventory group change (for compatible inventory sources)
  • Messaging (email, SMS, Slack, …)
  • Tagging
  • Tickets (Zendesk, Github, …)