Solutions
Solutions
All in one solution
Overview
Managed XDR
Keep my IT safe 24/7
24/7 Incident Response
Restore business operations
Security Awareness
Improve security culture
Cyber Insurance
Ensure business continuity
Integrations
Technology partners
Industry
All sectors
Logistics
Manufacturing
Professional services
Healthcare
Partners
Partner Network
For Brokers & Risk Advisors
Lower your clients' cyber risk.
For Managed Service Providers (MSP)
Expand your offer with cybersecurity.
Case studies
Customer protection
Jan de Rijk
Logistics
Avi Medical
Healthcare
KeyTec Netherlands
Manufacturing
Van der Most Transport
Logistics
SHG Groep
Healthcare
Zimmer Group
Manufacturing
KlaassenGroep
Construction
GOED Belgium
Healthcare
Plans
Resources
Resources
Blog
News from the front lines
Resource Library
Guides and brochures
Knowledge Base
Customer login
Free Anti-spoofing Tool
Sign up to get started
NIS2 Resource Hub
The latest news around NIS2
Eye Research
Tech blog and real-world incidents
Trend Report 2026
Insights from 630 cyber investigations
Glossary of Terms
An overview of cybersecurity terms
Learning Hub
Understand the building blocks
Webinars & Events
All digital & live events at a glance
Company
About
News
Careers
Contact
Press
Talk to us
Take a tour
Solutions
Back
Solutions
All in one solution
Managed XDR
24/7 Incident Response
Security Awareness
Cyber Insurance
Integrations
Industry
All sectors
Logistics
Manufacturing
Professional services
Healthcare
Partners
Back
Partner Network
For Brokers & Risk Advisors
For Managed Service Providers (MSP)
Case studies
Back
Customer protection
Jan de Rijk
Avi Medical
KeyTec Netherlands
Van der Most Transport
SHG Groep
Zimmer Group
KlaassenGroep
GOED Belgium
Plans
Resources
Back
Resources
Blog
Resource Library
Knowledge Base
Free Anti-spoofing Tool
NIS2 Resource Hub
Eye Research
Trend Report 2026
Glossary of Terms
Learning Hub
Webinars & Events
Company
About
News
Careers
Contact
Press
Book a demo
Incident Hotline

Log Storage.
Audit-Ready.
EU-Native.

Eye Log is the log history you'll need, already stored and ready. No SIEM. No new tools. No compliance risk.

Download the Eye Log datasheet
Request pricing info
hero-img

12

months of log retention

24h

Hot storage retrieval SLA

100%

EU-based log storage

0

new tools to run

The challenge.

Most organisations are forensically blind for several months of the year

1
Audit readiness

NIS2, ISO 27001, and DORA all expect organisations to maintain effective logging and monitoring as part of their broader risk-management responsibilities.

2
Insurance renewals

Cyber insurers increasingly ask for proof of long-term log retention at renewal. If you cannot demonstrate it, your coverage conditions and your premiums may be affected.

3
Incident investigations

When an attack began months earlier, investigations stall. Without historical logs, root cause remains unclear and incident resolution slows down.

And the typical market answer “deploy a SIEM” creates a new problem:
A complex, costly infrastructure project that requires specialised staff most midmarket IT teams don’t have.

1
Audit readiness

NIS2, ISO 27001, and DORA all expect organisations to maintain effective logging and monitoring as part of their broader risk-management responsibilities.

2
Insurance renewals

Cyber insurers increasingly ask for proof of long-term log retention at renewal. If you cannot demonstrate it, your coverage conditions and your premiums may be affected.

3
Incident investigations

When an attack began months earlier, investigations stall. Without historical logs, root cause remains unclear and incident resolution slows down.

And the typical market answer “deploy a SIEM” creates a new problem:
A complex, costly infrastructure project that requires specialised staff most midmarket IT teams don’t have.

The challenge.

Eye Log: 12-month log storage built into Cyber Guard

middle-img

 

Eye Log is the log storage that sits directly alongside Cyber Guard. When an auditor asks for September’s logs, they exist. When an incident turns out to have started six months ago, the evidence is already in the hands of the analysts who need it. You are getting value from day one.

Eye Log delivers the compliance and forensic readiness outcome without the cost, complexity, or overhead of a SIEM project.

Eye Log Packages.

Eye Log Comply

12 months of cold storage with a 48-business-hour retrieval SLA, designed for organisations that need audit-ready log records without the cost or complexity of running a SIEM.

Key Outcomes

  • Log retention requirements met from day one
  • 12-month log record available for auditors, insurers, and regulators
  • Compliance gap closed without internal headcount or infrastructure investment
  • Predictable monthly cost charged per GB usage
Get a quote

Eye Log Hybrid

30 days of hot storage plus 11 months of cold storage, with a 24-business-hour retrieval SLA for hot data and 48-business-hour SLA for cold. Built for higher-risk environments and sectors where active incidents require fast access to historical data for forensic reconstruction alongside compliance coverage.

Key Outcomes

  • Historical investigation during active incidents, without hitting a retention wall
  • Regulatory requirements met across the full retention period
  • Faster forensic reconstruction when an incident turns out to have started months earlier
  • No SIEM infrastructure required
Get a quote

Key benefits

What your organisation gains from day one

Close the audit gap

Log retention starts from day one of deployment. Your 12-month record builds automatically, no configuration, no catch-up project.

Answer the insurance question

Give your cyber insurer exactly what they are asking for at renewal: structured, retrievable evidence of log retention capability, stored in the EU.

Accelerate forensic investigation

When an incident needs to reach back months, your SOC analysts already have the data. No vendor request. No forensics firm. No gap in the record.

Features

What’s included in Eye Log

Asset 1
EU data sovereignty
All log data is stored exclusively within
the European Union, addressing data
sovereignty requirements under GDPR
and supporting NIS2 and DORA
compliance postures.  
Asset 2
Immutable log storage
Logs cannot be modified or deleted
before the 12-month retention period
ends. The record that exists at
investigation time is the same one that
was written at ingestion.  
Asset 3
Unlimited SOC access
Eye’s analysts have unrestricted
access to all log data for security
operations, incident response, threat
hunting, and forensic investigation.  
Asset 4
Customer data
retrieval (5 per year)
Five complimentary retrievals per year
(up to 10 GB each) via the Eye Portal
or your dedicated Customer Success
Manager.  
Asset 5
Broad log source support
Ingests logs from a wide range of
sources via syslog and Azure Event
Hubs, covering firewalls, servers, cloud
services, identity providers, and
network infrastructure. 
Asset 6
Usage visibility in Eye Portal
Monitor daily log volume and storage
consumption through the Eye Portal.
Clear, at-a-glance visibility into your
retention posture.  
Asset 7
Onboarding by Eye’s team
Log source configuration is handled
during onboarding by Eye Security's team. Your IT team does not need to architect the integration.
Asset 1
EU data sovereignty
All log data is stored exclusively within
the European Union, addressing data
sovereignty requirements under GDPR
and supporting NIS2 and DORA
compliance postures.  
Asset 2
Immutable log storage
Logs cannot be modified or deleted
before the 12-month retention period
ends. The record that exists at
investigation time is the same one that
was written at ingestion.  
Asset 3
Unlimited SOC access
Eye’s analysts have unrestricted
access to all log data for security
operations, incident response, threat
hunting, and forensic investigation.  
Asset 4
Customer data
retrieval (5 per year)
Five complimentary retrievals per year
(up to 10 GB each) via the Eye Portal
or your dedicated Customer Success
Manager.  
Asset 5
Broad log source support
Ingests logs from a wide range of
sources via syslog and Azure Event
Hubs, covering firewalls, servers, cloud
services, identity providers, and
network infrastructure. 
Asset 6
Usage visibility in Eye Portal
Monitor daily log volume and storage
consumption through the Eye Portal.
Clear, at-a-glance visibility into your
retention posture.  
Asset 7
Onboarding by Eye’s team
Log source configuration is handled
during onboarding by Eye Security's team. Your IT team does not need to architect the integration.

How it works.

Up and running in hours.

Eye Log is built to be invisible to your team once it is running. Here is what the process looks like.

1
Add Eye Log to your Cyber Guard subscription

Choose Eye Log Comply or Eye Log Hybrid based on your retrieval and forensic investigation needs. Pricing is confirmed per daily log volume tier, no hidden fees.

2
Eye’s team configures all backend ingestion architecture during onboarding
Your team configures log forwarding from your environment, firewalls, identity providers, cloud services, servers, using standard syslog or Azure Event Hubs. Eye’s team is with you throughout onboarding to make the process as smooth as possible
3
Logs are captured and stored from day one

Once live, log data is continuously ingested and stored in Eye’s EU-based infrastructure. Eye Log Hybrid routes the most recent 30 days into hot storage for immediate SOC access. All data moves to cold storage at the appropriate point.

4
Our SOC has immediate, unrestricted access for security operations

Our analysts can query your logs at any time, during active incidents or forensic investigations. There is no request process for the SOC. The data is already in their hands.

5
You retrieve data when you need it

When you need to produce evidence for an auditor, insurer, or internal review, request a retrieval through the Eye Portal or contact your Customer Success Manager. Delivered within 24 or 48 business hours depending on your tier.

1
Add Eye Log to your Cyber Guard subscription

Choose Eye Log Comply or Eye Log Hybrid based on your retrieval and forensic investigation needs. Pricing is confirmed per daily log volume tier, no hidden fees.

2
Eye’s team configures all backend ingestion architecture during onboarding
Your team configures log forwarding from your environment, firewalls, identity providers, cloud services, servers, using standard syslog or Azure Event Hubs. Eye’s team is with you throughout onboarding to make the process as smooth as possible
3
Logs are captured and stored from day one

Once live, log data is continuously ingested and stored in Eye’s EU-based infrastructure. Eye Log Hybrid routes the most recent 30 days into hot storage for immediate SOC access. All data moves to cold storage at the appropriate point.

4
Our SOC has immediate, unrestricted access for security operations

Our analysts can query your logs at any time, during active incidents or forensic investigations. There is no request process for the SOC. The data is already in their hands.

5
You retrieve data when you need it

When you need to produce evidence for an auditor, insurer, or internal review, request a retrieval through the Eye Portal or contact your Customer Success Manager. Delivered within 24 or 48 business hours depending on your tier.

Use cases

Built for the moments that matter most

The audit question you are not ready for

Your auditor asks for 12 months of access logs and network activity. With Eye Log, that record already exists, stored in the EU. No SIEM to justify. No internal project to build.

Cyber insurance renewal

Your insurer asks for proof of log retention capability as a policy condition. Eye Log provides the structured, retrievable evidence, delivered at a predictable monthly cost, not through a six-figure infrastructure build.

Incident response that can reach back as far as the evidence goes

An active incident turns out to have started four months earlier. With Eye Log Hybrid, our SOC analysts can query the last 30 days instantly and access the remaining storage within 48 hours, no retention walls, no delays.

Trust & Compliance.

EU-Stored. Audit-ready. No compliance project required.

Eye Log is built on the same secure, EU-native infrastructure that underpins the entire Eye Security platform. Your log data stays exclusively within the European Union, protected from modification, and backed by the certifications and controls your auditors and insurers expect to see.

Asset 1
EU data sovereignty
All log data stored exclusively within the European Union
Asset 2
Immutable storage
Logs cannot be modified or deleted
before the retention period ends  
Asset 8
ISO 27001 certified
Eye Security’s operations and
processes are ISO 27001 certified  
Asset 9
NIS2 aligned
Supports the logging and monitoring
expectations under NIS2  
Asset 5
DORA relevant
Addresses digital operational
resilience logging requirements for
financial services and regulated
industries  
Asset 10
GDPR compliant storage
EU-only storage with no cross-border
transfer of log storage.
Asset 1
EU data sovereignty
All log data stored exclusively within the European Union
Asset 2
Immutable storage
Logs cannot be modified or deleted
before the retention period ends  
Asset 8
ISO 27001 certified
Eye Security’s operations and
processes are ISO 27001 certified  
Asset 9
NIS2 aligned
Supports the logging and monitoring
expectations under NIS2  
Asset 5
DORA relevant
Addresses digital operational
resilience logging requirements for
financial services and regulated
industries  
Asset 10
GDPR compliant storage
EU-only storage with no cross-border
transfer of log storage.

Eye Log: Going beyond retention. Your resilience. Your compliance. Your IR readiness. One log solution.

See Eye Log in the context of your environment.

Talk to us