CrowdStrike Falcon® Long Term Repository
The world’s leading AI-native platform for long-term data retention

Hunt down threats faster than ever with scalable, cost-effective storage and search for CrowdStrike data.

Get the full picture with Falcon Long Term Repository

threat-intel-icon-ltr

Enhanced threat hunting at scale

Get deep, contextual and faster analytics on massive amounts of historical and real-time security data across your dispersed environment to uncover hidden threats and detect irregularities that may suggest malicious behavior.

eye-icon-ltr

Longer data retention with extended visibility

Retain and unify your security telemetry for a year or more with cost-effective scalable storage, enabling extended visibility across endpoints, workloads, identities and more for enhanced completeness and accuracy during investigations.

computer-inc

Threat context visualization with powerful searches

Falcon Long Term Repository (LTR) offers a feature-rich query language and index-free search capabilities that allow you to run complex queries and lightning-fast searches on log data for enhanced threat context and actionable insights.

Why Falcon Long Term Repository

Extend storage and accelerate response

Gain historical and real-time threat context

  • Enable long-term storage: Reduce cost and improve visibility with long-term scalable storage of historical and real-time CrowdStrike Falcon® platform data, along with additional logs. Store and manage your data for a year or more, enabling enhanced threat context for more complete and accurate analysis and accelerated detection and remediation.
  • Hunt threats at unprecedented scale: Get deep, contextual and faster analytics on massive amounts of security data, including correlated CrowdStrike Falcon® indicators of compromise (IOCs), to uncover hidden threats in your dispersed environment and detect irregularities that may suggest malicious behavior.
  • Detect potential attacks faster: Gain valuable and contextual insights with sub-second latency searches including advanced threat and vulnerability investigations
Detections dashboard

Operationalize your security data at scale

  • Unify distributed data sets: Collect and analyze all log data in one place to minimize context switching, providing a single comprehensive view of your environment for actionable threat insights.
  • Reduce cost and improve visibility: Get cost-effective, scalable storage with industry-leading compression levels, minimizing resource and compute requirements and simplifying deployment and setup.
  • Access fast and custom search: Leverage a feature-rich query language and index-free search capabilities through historic and real-time data, allowing you to ask any questions of your Falcon data to get immediate answers for advanced threat and vulnerability investigations.
Falcon Long Term Repository tactics and techniques

Enable enriched data and threat analytics

  • Leverage the CrowdStrike Security Cloud: Use enriched data from the CrowdStrike Security Cloud — the world’s largest unified, threat-centric data fabrics, correlating trillions of security events per day with indicators of attack (IOAs) — to strengthen your threat analytics and hunting.
  • Receive alerts for critical threats: Enable custom alerts for events that matter most to you based on streaming data in real time, enabling faster threat detection and investigation.
  • Meet compliance and security requirements: Store and manage Falcon data for one or multiple years, enabling complete and accurate investigation and analysis, and helping you achieve compliance and gain visibility over attack paths.
Domain search

Falcon Long Term Repository

Cost-effectively store your CrowdStrike Falcon® platform data for months or years.

Explore the platform

Falcon Long Term Repository

Cost-effectively store your CrowdStrike Falcon® platform data for months or years.

Explore the platform