// artifact family
cloud data warehouse forensics
10 browser-only forensics tools in this catalog group — browse by artifact family when you know the kind of evidence you are working with, not the investigation pattern.
tools in this family
ordered as in the forensics catalog. every tool runs locally — no upload, no account.
- aws redshift audit log forensic analyzerdrop redshift audit export · parse query + user + table · runs locally
- azure synapse audit log forensic analyzerdrop synapse audit export · parse sql pool + user + action · runs locally
- aws athena query log forensic analyzerdrop athena query history export · parse query + workgroup + scan bytes · runs locally
- trino query log forensic analyzerdrop trino query log export · parse query + catalog + user · runs locally
- dbt cloud audit log forensic analyzerdrop dbt cloud audit export · parse run + model + user · runs locally
- fivetran sync anomaly detectordrop fivetran sync export · detect connector sync anomalies · runs locally
- warehouse privileged query anomaly detectordrop warehouse query export · detect privileged query anomalies · runs locally
- warehouse bulk export anomaly detectordrop warehouse access export · detect bulk data export bursts · runs locally
- multi warehouse query timeline correlatordrop 2+ warehouse exports · unified query timeline graph · runs locally
- cross warehouse etl lineage correlatordrop warehouse + etl exports · correlate query to sync job lineage · runs locally