Professional Logging for Red Team Operations

Track, organize, and analyze your offensive security operations with precision

Built for Red Teams

📊

Operation Management

Organize logs by operation with automatic tagging and access control. Keep separate operations isolated while maintaining centralized visibility.

🔗

Relationship Analysis

Automatic detection of relationships between hosts, users, commands, and credentials. Visualize your network footprint and lateral movement paths.

🔑

API Integration

RESTful API with operation-scoped keys for automated log ingestion from your C2 frameworks, tools, and scripts.

🔒

Secure by Design

Self-hosted, TLS-encrypted, with Google SSO authentication and role-based access control. Your data stays under your control.

🏷️

Smart Tagging

Automatic and manual tagging system for categorizing logs. Filter and search across operations with powerful query capabilities.

📈

Real-time Updates

Live log streaming, relationship graph updates, and operation status tracking. See your engagement progress in real time.

Microservices Architecture

Clio is built with a modern, scalable architecture designed for high-performance logging and analysis.

  • Frontend: React + Vite, port 3000
  • Backend API: Node.js + Express, port 3001
  • Database: PostgreSQL 17, port 5432
  • Relation Service: Node.js + GraphQL, port 3002
  • Redis Cache: in-memory store, port 6379
  • NGINX: reverse proxy, ports 80/443

Technology Stack

Docker Compose, React 18, Node.js, PostgreSQL 17, Redis, NGINX, TLS/SSL, Google OAuth

API-First Design

Integrate Clio with your existing tools and workflows

RESTful API

Clean, consistent API endpoints for log submission, querying, and management

POST /api/ingest/logs

Operation-Scoped Keys

API keys automatically tagged to specific operations for seamless log organization

X-API-Key: rtl_...

Batch Processing

Submit up to 50 logs per request with automatic deduplication

Rate: 120 req/min

Quick Example

curl -k -X POST https://your-host/api/ingest/logs \
  -H "Content-Type: application/json" \
  -H "X-API-Key: rtl_yourkey_abc123" \
  -d '{
    "hostname": "target-server",
    "username": "admin",
    "command": "whoami /all",
    "tags": ["enumeration", "windows"]
  }'
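
A batching client for the ingest endpoint above, as an added example that is not Clio's own code: it splits logs into requests of at most 50, paces them under 120 requests per minute, and verifies the server certificate against a CA file instead of skipping verification as `curl -k` does. It assumes a batch is posted as a JSON array of log objects (the page does not show the batch body); `batches`, `build_request`, `submit` and `ca_file` are names chosen here.

```python
import json
import ssl
import time
import urllib.request

MAX_BATCH = 50            # page: up to 50 logs per request
MIN_INTERVAL = 60 / 120   # page: 120 req/min, so at most one request per 0.5 s

def batches(logs, size=MAX_BATCH):
    """Split logs into lists of at most `size` entries, preserving order."""
    return [logs[i:i + size] for i in range(0, len(logs), size)]

def build_request(base_url, api_key, batch):
    """Build (but do not send) one ingest request.
    Assumption: a batch is posted as a JSON array of log objects."""
    if not api_key.startswith("rtl_"):   # the page shows keys as rtl_...
        raise ValueError("expected an operation-scoped key with the rtl_ prefix")
    if not base_url.startswith("https://"):
        raise ValueError("refusing to send the API key over a non-TLS URL")
    return urllib.request.Request(
        base_url.rstrip("/") + "/api/ingest/logs",
        data=json.dumps(batch).encode(),
        headers={"Content-Type": "application/json", "X-API-Key": api_key},
        method="POST",
    )

def submit(base_url, api_key, logs, ca_file, opener=None, sleep=time.sleep):
    """Send logs in paced batches; returns the HTTP status of each request."""
    if opener is None:
        # Trust only the deployment's CA (or its self-signed certificate),
        # so the key is never sent to an unverified endpoint.
        ctx = ssl.create_default_context(cafile=ca_file)
        opener = lambda req: urllib.request.urlopen(req, context=ctx, timeout=10)
    statuses = []
    for n, batch in enumerate(batches(logs)):
        if n:
            sleep(MIN_INTERVAL)          # stay under the documented rate limit
        with opener(build_request(base_url, api_key, batch)) as resp:
            statuses.append(resp.status)
    return statuses

if __name__ == "__main__":
    # Constructed sample entries in the shape of the page's curl example.
    sample = [{"hostname": "target-server", "username": "admin",
               "command": "whoami /all", "tags": ["enumeration"]}] * 120
    print([len(b) for b in batches(sample)])
```
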

Perfect For

🎯 Red Team Operations

Track commands, credentials, and access across complex engagements

🔬 Penetration Testing

Document findings and maintain detailed audit trails for clients

🎓 Training & Research

Capture and analyze techniques for training and methodology development

🏢 Purple Team Exercises

Coordinate between offensive and defensive teams with shared visibility

Self-Hosted Deployment

Deploy Clio on your infrastructure in minutes

1. Clone Repository

git clone https://github.com/seahop/Clio.git

2. Configure Environment

cp .env.example .env && ./setup.sh

3. Deploy with Docker

docker compose up -d

4. Access Dashboard

https://your-host

Requirements

  • Docker & Docker Compose
  • Linux host (tested on Ubuntu 22.04+)
  • 2GB+ RAM recommended
  • TLS certificates (self-signed or CA-issued)

Ready to Level Up Your Operations?

Join red teams using Clio to track and analyze their engagements

Get Started on GitHub