List view
Remove friction from existing analyst workflows (like pull requests for rule updates) and make Osprey accessible to less technical teams who can identify abuse patterns but may struggle with the current rule process. Note this milestone may be broken down depending on community and contributor feedback; it currently represents the next area of focus and batch of features/fixes planned.
No due date•0/2 issues closed**Goal**: Reliable, flexible infrastructure that provides the critical functionality of an investigation rules engine that’s capable of running at scale and users can adopt rather than building isolated rules engines from scratch. **Core features:** - Self-hostable rules engine with incident response interface - Real-time streaming data processing at high queries or events per second - Very flexible definition of user defined functions and custom logic encoded in rules that the engine will process over the input stream. Osprey can evaluate O(1000s) of rules at above scale - Analytics database (Druid) for event storage and analysis - Horizontal scaling for enterprise workloads These features were chosen in order to make the main components of the tool originally built at Discord widely-applicable to others: the core rules engine, the UI, the labeling service, and the coordinator that acts as a load balancer once users start having a large number of sync and async rules.
Overdue by 2 day(s)•Due by January 23, 2026•39/41 issues closed