Data Export
Export security data from CastellanAI for use in external systems and reports.
Multiple Export Methods
CastellanAI supports manual exports, scheduled exports, and API integration for maximum flexibility.
Overview
Export from Dashboard
- 🛡️ Security Events
- 📊 Reports
Export Security Events
- Navigate to Dashboard → Security Events
- Apply any filters (date range, severity, event type)
- Click the Export button in the top-right corner
- Choose your format:
| Format | Best For |
|---|---|
| CSV | Spreadsheets and data analysis |
| JSON | Importing into other systems |
| Sharing reports with stakeholders |
Export Reports
- Go to Reports → Generated Reports
- Select the report you want to export
- Click Download and choose your preferred format
Available Reports:
- Security summary
- Event trends
- Agent status
- Compliance overview
Scheduled Exports
- ➕ Create Export
- ⚙️ Manage Exports
- 📅 Schedule Options
Create a Scheduled Export
- Go to Settings → Data Export
- Click + New Scheduled Export
- Configure the export:
| Field | Description |
|---|---|
| Name | Descriptive identifier |
| Data Type | Security events, agent status, or audit logs |
| Filters | Date range, severity levels, specific agents |
| Format | CSV, JSON, or PDF |
| Schedule | Daily, weekly, or monthly |
| Delivery | Email or secure file storage |
- Click Save
Manage Scheduled Exports
View, edit, or delete scheduled exports from Settings → Data Export:
| Action | Description |
|---|---|
| Edit | Modify export configuration |
| Pause | Temporarily stop exports |
| Delete | Permanently remove scheduled export |
| Run Now | Trigger immediate export |
Schedule Options
| Schedule | Delivery Time |
|---|---|
| Daily | 6:00 AM local time |
| Weekly | Monday 6:00 AM |
| Monthly | 1st of month 6:00 AM |
| Custom | Enterprise only |
Time Zone
Exports use your organization's configured time zone. Update in Settings → Organization.
Data Retention
Your data export options depend on your subscription tier:
| Subscription | Data Retention | Export History |
|---|---|---|
| Small Business | 24 hours | Last 7 days |
| Medium Business | 7 days | Last 30 days |
| Enterprise | 30 days | Last 90 days |
Extended Retention
Need longer data retention? Contact sales about Enterprise archival options.
Export Formats
- 📄 CSV
- 📦 JSON
CSV Format
Comma-separated values for spreadsheet applications.
Best For:
- Excel analysis
- Data manipulation
- Simple imports
Example:
timestamp,severity,event_type,source_ip,description
2025-01-15T10:30:00Z,high,auth_failure,192.168.1.100,Multiple failed logins
2025-01-15T10:31:00Z,critical,malware,192.168.1.50,Ransomware detected
JSON Format
JavaScript Object Notation for programmatic access.
Best For:
- API integration
- SIEM imports
- Custom processing
Example:
{
"events": [
{
"timestamp": "2025-01-15T10:30:00Z",
"severity": "high",
"event_type": "auth_failure",
"source_ip": "192.168.1.100",
"description": "Multiple failed logins"
}
],
"metadata": {
"total": 150,
"exported_at": "2025-01-15T12:00:00Z"
}
}
PDF Format
Formatted document for sharing and printing.
Best For:
- Stakeholder reports
- Compliance documentation
- Audit evidence
Includes:
- Executive summary
- Event details table
- Charts and graphs
- CastellanAI branding
API Integration
For automated data exports or integration with external systems:
- 🔓 Enable API
- 💻 API Example
Enable API Access
- Enable API access in Settings → API Access
- Create an API key with appropriate permissions
- Use the API to query events programmatically
See API Access for detailed setup instructions.
API Export Example
# Export events from the last 24 hours
curl -H "Authorization: Bearer YOUR_API_KEY" \
"https://api.castellanai.com/v1/events?since=24h&format=json"
Parameters:
| Parameter | Description |
|---|---|
since | Time range (1h, 24h, 7d, 30d) |
severity | Filter by severity level |
format | Response format (json, csv) |
limit | Maximum results |
Compliance Exports
- 📋 Generate Export
- 📜 Frameworks
- 📦 Export Contents
Generate Compliance Export
For compliance audits requiring complete data exports:
- Go to Reports → Compliance
- Select the compliance framework
- Choose the date range for the audit period
- Click Generate Compliance Export
Supported Frameworks
| Framework | Description |
|---|---|
| SOC 2 | Service Organization Control |
| HIPAA | Healthcare data protection |
| PCI DSS | Payment card security |
| GDPR | EU data protection |
| ISO 27001 | Information security |
Export Contents
Compliance exports include:
| Data | Description |
|---|---|
| Security Events | All events for the period |
| Configurations | System settings snapshot |
| Audit Logs | User activity records |
| Policy Documents | Detection rules and policies |
| Evidence Summary | Executive overview |
📝 Export Checklist
- Identify data requirements
- Select appropriate format
- Configure date range filters
- Set up scheduled exports if recurring
- Verify export contents
- Store exports securely
- Document retention requirements
What's Next?
| Guide | Description |
|---|---|
| API Access | Enable and manage API keys |
| Webhooks | Real-time event notifications |
| Generating Reports | Create custom reports |