Exporting Data

Export security events, audit logs, and reports from CastellanAI in multiple formats.

Supported Export Formats

CastellanAI supports multiple export formats for different use cases:

Format	Best For	Compatible With
CSV	Spreadsheet analysis, data imports, simple reporting	Excel, Google Sheets, LibreOffice
JSON	API integration, SIEM ingestion, programmatic processing	Splunk, ELK Stack, custom scripts
PDF	Executive reports, audit documentation, compliance evidence	Formatted layout with charts
XLSX	Advanced analysis, pivot tables, charts, multiple worksheets	Excel with formulas and formatting

Exporting Security Events

Step 1: Navigate to Events

Go to the Security Events page or Dashboard where you want to export data.

Navigation Paths:

Dashboard → Export Button
Events → Export → Select Format

Step 2: Apply Filters (Optional)

Filter events before exporting to focus on specific data:

Filter	Options
Time Range	Last 24 Hours, 7 Days, 30 Days, Custom
Severity	Critical, High, Medium, Low
Event Type	All Types or specific categories

Step 3: Choose Export Format

Select the format that best suits your needs:

CSV - For spreadsheet analysis
JSON - For API integration
PDF - For formatted reports
XLSX - For advanced Excel analysis

Step 4: Download or Schedule

Choose immediate download or recurring exports:

Download Now - Immediate file download
Schedule Daily Export - Email delivery at 6:00 AM
Schedule Weekly Export - Monday delivery

Export Limits & Performance

Be aware of export limits to ensure optimal performance:

Subscription Tier	Max Events/Export	API Rate Limit
Small Business	10,000 events	10 exports/hour
Medium Business	50,000 events	30 exports/hour
Enterprise	Unlimited	100 exports/hour

Performance Tip

For large exports (>10,000 events), use JSON or CSV format for faster processing. PDF exports may take longer due to formatting.

API-Based Exports

For programmatic access, use the CastellanAI API to export data:

Export Security Events

GET /api/v1/events/export

Parameters:
- format: csv|json|xlsx
- start_date: YYYY-MM-DD
- end_date: YYYY-MM-DD
- severity: critical|high|medium|low

Export Audit Logs

GET /api/v1/audit-logs/export

Parameters:
- format: csv|json
- user_id: filter by specific user
- action_type: authentication|configuration|etc

Example: cURL Request

curl -X GET \
  'https://api.castellanai.com/v1/events/export?format=json&start_date=2025-01-01' \
  -H 'Authorization: Bearer <your-api-key>'

Scheduled Exports

Automate data exports with scheduled delivery to email or external storage:

Email Delivery

Automatically send exports to email addresses on a recurring schedule.

Schedule options:

Daily: 6:00 AM local time
Weekly: Monday 6:00 AM
Monthly: 1st of month, 6:00 AM

Cloud Storage Integration

Automatically upload exports to cloud storage providers:

AWS S3
Azure Blob Storage
Google Cloud Storage

SIEM Integration

Stream events directly to SIEM platforms in real-time.

Compatible platforms: Splunk, QRadar, ArcSight, ELK Stack, Sentinel

Data Retention & Archive

CastellanAI automatically archives exported data based on your retention policy:

Automatic Archival - Exports older than 90 days are automatically archived to cold storage (Enterprise tier: 1-7 years).
Compliance Retention - Configure custom retention periods to meet regulatory requirements (SOX: 7 years, HIPAA: 6 years, etc.).
Encrypted Storage - All exported and archived data is encrypted at rest using AES-256 encryption.

Export Best Practices

Use Filters to Reduce Size - Apply time range and severity filters before exporting to reduce file size and processing time.
Choose the Right Format - CSV for spreadsheets, JSON for APIs, PDF for reports, XLSX for advanced analysis.
Schedule Regular Exports - Set up automated exports to maintain offline archives and meet compliance requirements.
Secure Exported Files - Encrypt exported files before sharing externally, especially for compliance reports containing sensitive data.
Monitor Export Activity - Review user activity logs to track who is exporting data and ensure compliance with data governance policies.

What's Next?

Custom Reports - Create custom security and compliance reports
Dashboard Overview - Learn about dashboard features and metrics

Supported Export Formats​

Exporting Security Events​

Step 1: Navigate to Events​

Step 2: Apply Filters (Optional)​

Step 3: Choose Export Format​

Step 4: Download or Schedule​

Export Limits & Performance​

API-Based Exports​

Export Security Events​

Export Audit Logs​

Example: cURL Request​

Scheduled Exports​

Email Delivery​

Cloud Storage Integration​

SIEM Integration​

Data Retention & Archive​

Export Best Practices​

What's Next?​