Security Model¶
ByteFreezer splits cleanly between a data plane (yours) and a control plane (ours). This separation ensures your data never leaves your infrastructure.
What You Run (Data Plane)¶
All components that touch raw event data run in your environment:
| Component | Role | Runs On |
|---|---|---|
| Proxy | Collects data from sources (syslog, sFlow, HTTP, etc.) | Your network edge |
| Receiver | HTTP webhook endpoint, stores raw data to S3 | Your compute |
| Piper | Transformations, enrichment, filtering | Your compute |
| Packer | Converts to Parquet, partitions, compresses | Your compute |
| Query | SQL and AI-powered analytics | Your compute |
| S3/MinIO | Object storage for all data | Your storage |
You choose where to run these: Kubernetes, systemd on bare metal, Docker, or ECS. You choose your storage provider: AWS S3, MinIO, or any S3-compatible store.
What We Run (Control Plane)¶
The control plane manages configuration and monitors health. It never stores or processes raw event data:
| Component | Role | Data Stored |
|---|---|---|
| Control API | Configuration management, health aggregation | Dataset configs, health status, user accounts |
| UI | Web dashboard for management | Session data only |
| Alerting | Health alerts (Telegram, etc.) | Alert metadata |
Why We Never See Your Data¶
- Proxy collects data inside your network and forwards to your Receiver
- Receiver writes raw data to your S3 bucket
- Piper reads from and writes to your S3 bucket
- Packer reads from and writes Parquet to your S3 bucket
- Control only receives health heartbeats and serves dataset configuration — no event payloads
The control plane stores: account metadata, tenant/dataset definitions, proxy assignments, health status, user credentials. It does not store, forward, or have access to any raw event data.
Extending with AI¶
ByteFreezer supports AI-assisted configuration:
- Transformation pipelines — build filters, enrichers, and transforms via the UI's AI assistant or the
/api/v1/ai/agent/chatendpoint - Query — use DuckDB SQL or bring your own AI model (BYOA) for natural language queries against your Parquet data
All AI processing runs against your data in your infrastructure. The control plane provides the configuration interface only.
API Reference¶
All management operations are available via the REST API at /api/v1/. See the API documentation for endpoints covering tenants, datasets, proxies, transformations, health, and user management.