Security Events
Security events are records of threats and anomalies detected by the MeetLoyd platform. Every time the system blocks a malicious file, detects a prompt injection attempt, or identifies suspicious behavior, it creates a security event that your administrators can review and act on.
What Triggers a Security Event
Security events are created automatically when the platform detects something that requires attention:
| Category | Examples |
|---|---|
| File security | Malicious content, disguised files, credential exposure in documents |
| Prompt security | Adversarial content in chat messages or uploaded documents |
| Authentication security | Failed login patterns, unusual access patterns |
| Rate limiting | Excessive usage from a single source |
Events are never created manually -- they are always the result of an automated detection by the platform's security pipeline.
Severity Levels
Each event is assigned a severity based on the potential impact:
| Severity | Meaning | Examples |
|---|---|---|
| Critical | Active threat that could cause immediate harm | Disguised malware, high-confidence adversarial content |
| High | Significant threat that requires prompt investigation | Credential exposure, malicious document content |
| Medium | Suspicious activity that should be reviewed | Unusual file patterns, moderate-confidence detections |
| Low | Minor anomaly, informational | Rate limit approaching threshold |
Monitoring Security Events
SIEM Integration
Security events can be exported to your existing Security Information and Event Management (SIEM) system for centralized monitoring. MeetLoyd supports:
- Splunk, Datadog, Elastic Security, and SumoLogic as built-in destinations
- Custom HTTP endpoints for any SIEM that accepts webhooks (including Microsoft Sentinel and AWS Security Hub)
- Real-time streaming -- Events flow to your SIEM as they are detected
- Multiple formats -- JSON, CEF (Common Event Format), and LEEF (Log Event Extended Format)
This allows your security operations team to correlate MeetLoyd events with signals from the rest of your infrastructure in a single pane of glass.
See SIEM Integration for setup instructions.
Feature Availability
| Feature | Growth | Enterprise |
|---|---|---|
| Security event detection | Yes | Yes |
| Security Center dashboard | Yes | Yes |
| Real-time event stream | Yes | Yes |
| Event investigation & resolution | Yes | Yes |
| SIEM export | -- | Yes |
| Custom alert rules | -- | Yes |