Builtin ToolsetsΒΆ
Holmes allows you to define and configure integrations (toolsets) that fetch data from external sources. This data will be automatically used in investigations when relevant.
You can write your own toolset or use the default Holmes toolsets listed below.
Builtin toolsetsΒΆ
Holmes comes with a set of builtin toolsets. Some of these toolsets are enabled by default, such as toolsets to read Kubernetes resources and fetch logs. Some builtin toolsets are disabled by default and can be enabled by the user by providing credentials or API keys to external systems.