Your open-source stack is running blind.

Nextcloud doesn't log credential creation. Keycloak writes auth events to stdout and nowhere else. Mattermost doesn't record successful logins in its default log. StratusVeil fixes all of it — one agent, your backend, their server.

Book a demo See how it works

Deep coverage for the platforms your clients run

StratusVeil ships with out-of-the-box intelligence packs for Nextcloud, Keycloak, and Mattermost. Running something else? We build integration packs for any platform — one agent, one pipeline, regardless of what's in the stack.

Nextcloud

File access, mass deletion, ransomware-pattern writes, admin escalation, public link abuse, app password creation — none of it visible by default. We make it visible.

Keycloak

Keycloak controls access to everything else in the stack, but its auth events go to stdout and disappear. We capture every login, role change, token event, and identity provider modification — structured, searchable, alerted.

Mattermost

Internal comms on your clients' own servers. We monitor auth, admin actions, privilege changes, and plugin activity — the events Mattermost's default log doesn't capture.

Custom

Your platform

Running GitLab, Grafana, Vault, or something bespoke? We build integration packs to order — same pipeline, same detection framework, same OpenObserve visibility. If it writes logs, we can monitor it.

How it works

→

Install one agent

We ship a configured Wazuh agent. It installs on the client's server and reads the log files from whichever platforms they're running. No changes to their applications. No second server on their end.

→

We handle the backend

The SIEM manager, enrichment pipeline, and OpenObserve instance run on your infrastructure. Your clients never touch it. Alerts, dashboards, and compliance reports are yours to deliver.

Alerts from day one

90+ detection rules fire on real events — brute force, credential abuse, data exfiltration patterns, privilege escalation. Discord or email alerts for anything severity 8+. Full analyst dashboard included.

NIS2 requires 12 months of structured log retention and incident detection. StratusVeil delivers both.

See the full compliance coverage →

Built for MSPs. Your backend, your margin, your brand.

You manage the SIEM. Your clients get security monitoring without a security team. We give you the rules, the pipeline, and the operations playbook to deliver it as a managed service.

MSP programme details →

Book a demo

Learn how StratusVeil delivers security monitoring for Nextcloud, Keycloak, and Mattermost