Currently there is no capability to forward Kolide logs to external services. We are actively soliciting feedback on this prospective feature to determine its implementation. 

If this feature is important to you, we encourage you to reach out with your specific use-case and details about your logging pipeline infrastructure.

1.) How do you currently store logs?
2.) What SIEM do you currently use?
3.) What specific uses for logs do you have in mind? (eg. I want to write an alert rule when a device does not have it's Firewall configured)

Please pass along your interest, feedback and use cases to us on Intercom or email us at

Did this answer your question?