Name		Name	Last commit message	Last commit date
parent directory ..
README.md		README.md
falco.md		falco.md
loki-vector-fluentbit.md		loki-vector-fluentbit.md
prometheus.md		prometheus.md
slack-telegram.md		slack-telegram.md
wazuh.md		wazuh.md

README.md

kernelradar - Integrations

kernelradar is built around four output channels. Pick the one(s) that fit your stack:

Channel	When to use	Setup
journald	Anything systemd-based	`--format=journald` (default w/ unit)
Webhook	Slack, Telegram, custom SIEM	`[webhook]` in config
Prometheus	Metrics dashboards, alertmanager	`[prometheus]` in config
Falco JSON	Falco-compatible pipelines (Sysdig)	`--format=falco`

Specific guides:

Wazuh - ship JSON via Wazuh agent
Slack & Telegram - webhook recipes
Loki / Vector / Fluentbit - log shipping
Prometheus + Alertmanager - metrics monitoring
Falco compatibility - output format & schema mapping