Substation

Forensics & Incident Response

A cloud native data pipeline and transformation toolkit for security teams.

Track releases GitHub Website

Go Latest v2.8.0 · 4mo ago Security brief →

Features

Extensible data processing with built‑in functions and custom Go plugins
Conditional routing of logs to AWS services (S3, Kinesis, SQS, Lambda) or any HTTP endpoint
Schema normalization supporting ECS, OCSF, or user‑defined schemas
Scalable enrichment via external APIs or microservices
Serverless deployment on AWS with Terraform, requiring no maintenance

Recent releases

View all 1 releases →

v2.8.0 Breaking risk 4mo

Breaking changes

Removed aws-sdk-go v1 dependency

Notable features

Added custom gjson modifier to dedupe arrays
Added FormatFromParquet Transform

Full changelog

2.8.0 (2026-01-20)

Features

message: add custom gjson modifier to dedupe arrays (#313) (e37da27)
transform: Add FormatFromParquet Transform (#302) (64928e1)

Bug Fixes

deps: remove aws-sdk-go v1 (#311) (80777b4)

View release on GitHub

Weekly OSS security release digest.

The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.

No spam, unsubscribe anytime.

Releases

View all →

Releases per month

J

F

M

A

M

J

Cadence 0.0 / wk

Last release 134d

Tracked 1

Security

Full profile →

Security score 6.8/10

OpenSSF 6.5/10

Open CVEs 0

SECURITY.md

Community

GitHub stars 400

Forks 32

Open issues 2

Open PRs 1

Stars/wk velocity 0.0

HN peak 2

About

Stars

400

Forks

32

Languages

Go HCL Jsonnet

View on GitHub Homepage

Install & Platforms

Install via

go

Alternative to

Cribl Datadog

Similar tools

VAST

About

Stars

400

Forks

32

Languages

Go HCL Jsonnet

View on GitHub Homepage

Install & Platforms

Install via

go

Similar tools

VAST

Alternative to

Cribl Datadog

Beta — feedback welcome: [email protected]