The lack of visibility that an organization can have regarding the data circulating through its infrastructure, makes it difficult to understand what is happening in your business. With WDP it is possible to collect all the data in a centralized platform and in a simple way, perform operations on the data, organize it in an appropriate way and analyze it using the Wizzie visualization tool or third-party platforms.

WDP is characterized by the freedom and flexibility it offers its users. These are its main characteristics:

• Collection: we understand data coming through multiple protocols, and if you use a protocol that we do not know, we will learn it, and adapt.
• Real time: You can have the data, as well as the analysis performed on it, almost instantly.
• Scalability: No matter how much your organization grows and the amount of information to process, WDP can grow with it whenever you need it.
• High intake rate: Our technology is capable of collecting and processing thousands of events per second (or billions of events a day, to say it another way…).
• Multi-tenancy: you can use the same WDP installation to offer services to different users, departments, or even your own clients, allowing you to keep the data of each customer in different data warehouses.
• Open: WDP is Open Core and most of the supported protocols are standard. We also allow third-party platforms to access the information contained in WDP.
• Free deployment: no matter where you want to deploy WDP, be it a third-party cloud, an own cloud, a virtual or a physical machine… Any environment with Kubernetes can be used to install WDP.

Once the messages or events arrive at WDP in the JSON format, the Normalizer component provides the user with different functions that can be useful for treating the received messages. For example, if you need to make any changes to the messages, such as including new fields, dividing a field into two, perform some type of parsing…, this is possible directly with the Normalizer, without using an external tool.

This component is responsible for including additional information to the events. For example, if you have real-time data of the network traffic flows in a Wi-Fi network, and you also have data on the location of the WiFi access points, you can enrich the traffic flow data by incorporating geolocation data, enabling to get a geospatial perspective of the network’s usage.

You can also enrich data with external information sources. For example, the IP address can be used to geolocate the events (continent, country, coordinates, etc.), obtain their reputation value, add the server or workstation hostname in their network, the users connected to said hostnames, etc. And the MAC address can be used to obtain the manufacturer of the device, its hostname, etc.

In addition to this, any additional data source available to your organization can be used to enrich the data received in WDP.

This component is our complex event processing engine, which analyzes and correlates incoming data based on advanced processing rules, such as filters, temporary windows, sequences, patterns, etc. It is also able to generate alerts or expand the input data, providing more visibility at the analysis stage.

It is not necessary, because we make our Professional Services area available to your organization to perform all the necessary deployments, or to install and configure WDP.

Yes, that is why we have created the Prozzie, a lightweight tool that can be installed on any Linux system and that is able to collect information from different protocols and send it to a remote WDP installation, previously performing a token-based authentication and the HTTPS message encapsulation to provide greater security and integrity to the communications with WDP.