ShieldEye Log Analyzer

Manual Log Event Collection, Analysis & Security Monitoring

Version 1.1.0 • Released 2026-05-02 • MIT License

1. Overview

ShieldEye is a structured logging and security analysis platform designed for developers and SOC analysts. It enables consistent log collection, MongoDB storage, and forensic analysis via desktop tooling.

Key Capabilities

  • Structured security event logging
  • MongoDB-based storage (developer-controlled)
  • Real-time (web) + forensic (desktop) analysis
  • SOC workflow support (Detection → Investigation → Analysis)

Architecture

                Application → logEvent() → Logger → MongoDB → ShieldEye Platform → Analysis Engine

Security Design

  • Logs remain in your infrastructure
  • Read-only MongoDB access
  • SQLCipher encrypted local database
  • SHA-256 integrity verification support

Local Storage

  • Application data is stored in the operating system's user data directory.
  • Desktop logs are stored locally.
  • No user log data is transmitted to ShieldEye servers.

2. Installation

Linux (Debian/Ubuntu)

                sudo apt update
                wget https://github.com/holoolagoke/shield-eye-desktop/releases/download/v1.1.0/shieldeye_1.1.0_amd64.deb
                sudo apt install ./shieldeye_1.1.0_amd64.deb

Windows

                curl -L -o shieldeye_setup.exe "https://github.com/holoolagoke/shield-eye-desktop/releases/latest"

3. Quick Start

  1. Install & launch the app
  2. Integrate logger middleware
  3. Export MongoDB logs
  4. Set alert preferences
  5. Upload & analyze logs

4. Integration Guide

Logger Example (Node.js)

                import { v4 as uuidv4 } from "uuid"

                export async function logEvent(req, res, data) {
                const log = {
                    _id: uuidv4(),
                    timestamp: new Date(),
                    ...data
                }

                await db.collection("event_logs").insertOne(log)
                }

SOC Event Example

                await logEvent(req, res, {
                event_type: "LOGIN_FAILED",
                level: "warn",
                category: "authentication",
                message: "Failed login attempt"
                })

5. Log Schema

Field Type Description
_id UUID Unique identifier
timestamp Date Event time
level String info | warn | error | critical

6. Desktop Application

  • Encrypted local database (SQLCipher)
  • Dashboard with charts and logs
  • Alerts management system
  • JSON log import support for ShieldEye exports and MongoDB-compatible exports

7. SOC Workflow

  1. Detection: Monitor logs
  2. Investigation: Export suspicious data
  3. Forensics: Analyze in desktop app

8. Security Guidelines

Never Log:

  • Passwords
  • JWT tokens
  • API keys
  • PII

9. Release Notes

Version 1.1.0

  • Improved JSON import reliability.
  • Support for MongoDB export compatibility improvements.
  • Event logs now display newest records first.
  • Improved database path consistency across deployments.
  • Enhanced SQLCipher initialization and validation.
  • Multiple stability and usability fixes.