AI
OpenAI
Use OpenAI models for grounded investigation, summarization, app generation, and evidence-aware workflows.
AIAgentsWorkflows
Integrations
Connect every evidence app to the real world.
Bring models, streams, lakes, warehouses, SaaS systems, and actions into one AI-ready workspace.
Mach5 appdata, AI, action
Data
all the signals your app needs
AI
answers, visuals, and next steps
Workflow
trusted action
Experience
beautiful dashboards and investigations
Read
bring source data into evidence context.
Act
send approved updates through trusted workflows.
Build
use integrations from AI, Axon, ingest pipelines, and SQL.
Catalog
Choose a source. Build the app.
AI providers
Hosted and local models for investigation, app generation, summarization, and governed agent workflows.
A
Anthropic
Connect Claude models to Mach5 context for investigation, reasoning, and controlled workflow assistance.
AIAgentsMCP
G
Google Gemini
Use Gemini models in AI workbench flows that need generated answers, charts, summaries, and actions.
AIAgentsWorkflows
Q
Qwen
Bring Qwen-family models into evidence workflows and app-building flows where teams prefer Qwen deployments.
AIAgents
M
Mistral
Use Mistral models for AI-assisted search, summarization, and operational evidence workflows.
AIAgents
OL
Ollama
Run local models for private development, demos, and controlled AI workflows against Mach5 data.
Local AIAgentsDev
Build and collaborate
Code, teams, messages, and workflow notifications.
GitHub
Bring repository, pull request, Actions, audit, issue, and security-alert data into apps.
AxonIngestSQL
Operations and surfaces →
Slack
Read conversations and audit data, then send notifications from trusted workflows.
AxonActionsSQL
Operations and surfaces →Identity
Users, access, sessions, and lifecycle events.
Okta
Use identity events, users, groups, apps, sessions, policies, and lifecycle actions.
AxonIngestSQL
Operations and surfaces →Streaming and event buses
Kafka-compatible and cloud-native event streams for high-volume telemetry.
Apache Kafka
Ingest high-volume operational streams and security telemetry into Mach5 apps.
StreamingIngestTelemetry
Operations and surfaces →RP
Redpanda
Use Redpanda-compatible Kafka streams for fast event ingestion and replayable app pipelines.
Kafka APIIngestStreaming
CC
Confluent Cloud
Connect managed Kafka topics for cloud-scale security and operational event pipelines.
Kafka APIIngestCloud
Amazon MSK
Ingest from AWS-managed Kafka topics for cloud, identity, application, and telemetry workflows.
AWSKafka APIIngest
Azure Event Hubs
Use Event Hubs and its Kafka-compatible endpoint for Azure event streams and operational data.
AzureKafka APIStreaming
Google Cloud Pub/Sub
Use Pub/Sub as the Google Cloud event backbone for app-backed investigation and telemetry flows.
GCPStreamingIngest
Google Cloud Managed Kafka
Use Google-managed Apache Kafka for Kafka-native streaming pipelines on Google Cloud.
GCPKafka APIIngest
Lakehouse and table formats
Open table formats and cloud data platforms for long-retention operational evidence.
Apache Iceberg
Query and ingest Iceberg-backed data for evidence apps without forcing every dataset through a SIEM hot path.
TablesIngestSQL
Operations and surfaces →Microsoft OneLake
Use OneLake as a lakehouse source for operational evidence, long-retention data, and app-backed analytics.
LakehouseExternal DataSQL
Google BigLake
Bring BigLake-managed datasets into Mach5 evidence workflows and cross-source investigations.
LakehouseExternal DataSQL
CF
Cloudflare Data Platform
Connect Cloudflare R2 and Iceberg-backed data to low-latency search, analytics, and apps.
R2IcebergSQL
Operations and surfaces →Warehouses and search
Analytical systems and search platforms that Mach5 can enrich, query, or extend.
Snowflake
Use Snowflake data alongside Mach5 search and app workflows for evidence, enrichment, and analytics.
WarehouseSQLFederation
BigQuery
Bring BigQuery datasets into investigations, dashboards, and operational evidence workflows.
WarehouseSQLFederation
Databricks
Connect lakehouse data and Delta/Iceberg tables to Mach5 app workflows and evidence views.
LakehouseSQLApps
Operations and surfaces →ES
Elasticsearch
Query and migrate Elasticsearch-style workloads while preserving search semantics and operational workflows.
SearchMigrationOpenSearch API
Operations and surfaces →Storage
Object data for ingest, preview, and app-backed analytics.
Amazon S3
List, read, preview, and ingest object data from S3-backed app workflows.
IngestPreviewSQL
Operations and surfaces →Google Cloud Storage
Use GCS buckets as app data sources without moving everything first.
IngestPreviewSQL
Operations and surfaces →Azure Blob Storage
Connect containers for object listing, streaming reads, and bounded previews.
IngestPreviewSQL
Operations and surfaces →Mailbox ingest and workflow-driven email delivery.
IMAP
Search, fetch, parse, flag, delete, and ingest mailbox messages.
AxonIngest
Operations and surfaces →POP3
Fetch, parse, delete, and ingest mailbox messages with UIDL tracking.
AxonIngest
Operations and surfaces →SMTP
Send structured, templated, and policy-checked email from workflows.
AxonActions
Operations and surfaces →