Explanation
Understanding-oriented documentation that explains how LinuxGuard works, why it's designed the way it is, and the concepts behind its security model. These pages provide context and background to deepen your knowledge.
Explanation material is concept-oriented and focuses on understanding rather than doing. These pages discuss architecture, design rationale, and technical concepts. They help you build a mental model of how LinuxGuard operates.
In This Section
Security Architecture — LinuxGuard's security-first design including privilege model, eBPF integration, systemd hardening, and zero-trust principles
Active Response — Safety model, playbook configuration, containment actions, rollback, and the Active Responses monitoring page
Console — The 5-pillar console: Dashboard, Identity Intelligence, Zero Trust Enforcement, Compliance & Audit, and Infrastructure
Alerting & SIEM Integration — The three delivery channels (webhook, syslog, Splunk HEC), how notification rules route signals to channels, and the concepts of throttling and quiet hours
Related Sections
Looking for something else?
Reference — Look up command syntax, supported distributions, and terminology definitions
How-to Guides — Practical step-by-step instructions for installation and configuration tasks
Tutorials — Hands-on guided learning experiences for getting started