Documentation

Everything you need to deploy, operate,
and explain GhostLogic.

Start with a quick deploy, then go deeper into architecture, evidence handling, and integration once you’re comfortable. The docs assume a technical reader who doesn’t need marketing copy in their way.

Core documentation sets

These are the major entry points you’ll touch in a real deployment. Replace the links below with your actual docs URLs, GitHub Wiki, or static docs site.

01 · Quickstart

Single-node deploy, smoke tests, and first evidence capture in under an hour.

View quickstart guide →

02 · Deployment & topology

Recommended layouts for labs, production, MSSPs, and multi-tenant environments.

View reference architecture →

03 · Operator guide

How to investigate, replay, export, and hand off evidence to legal or clients.

View operator docs →

04 · API & integration

Hook GhostLogic into SIEM, SOAR, ticketing, or your own IR automation.

View API reference →

Need a docs walkthrough for your team?

We’re happy to run your engineers and incident responders through how GhostLogic fits into your existing stack, using your reality, not a fake lab breach.

Book a technical session

Everything you need to deploy, operate, and explain GhostLogic.

Core documentation sets

Everything you need to deploy, operate,
and explain GhostLogic.