software

LogWard 0.3.0: Full SIEM Dashboard, C# SDK, and Our Roadmap

Published: (December 12, 2025 at 12:50 PM EST)
3 min read
Source: Dev.to

Source: Dev.to

Cover image for LogWard 0.3.0: Full SIEM Dashboard, C# SDK, and Our Roadmap

Three weeks after launching 0.2.4, we’re excited to announce LogWard 0.3.0 — our biggest release yet, focused on application security and observability for .NET teams.

If you’re new to LogWard: it’s an open‑source log management and SIEM platform, built as a privacy‑first alternative to Datadog, Splunk, and SigNoz. GDPR‑compliant, self‑hostable, with Sigma‑based detection rules and MITRE ATT&CK integration.

  • 🌐 Cloud: (free tier available)
  • 💻 GitHub: (152+ ⭐)
  • 📦 Docker Hub: 2,500+ pulls

What’s New in 0.3.0

1. Full‑Featured SIEM Dashboard

A dedicated interface for security incident management, providing a complete workflow for triaging, investigating, and resolving security events.

Included features

  • Security Dashboard with 6 real‑time widgets
    • Summary stats (total detections, open incidents, critical alerts)
    • Top threats chart (Sigma rules ranked by detection count)
    • Detection timeline visualization
    • Affected services list
    • Severity distribution
  • MITRE ATT&CK heatmap showing detected techniques across the tactics matrix
  • Incident Management with full lifecycle tracking
    • Status workflow: Open → Investigating → Resolved → False Positive
    • Assignee management
    • Collaboration via comments thread
    • Activity history timeline
    • PDF export for incident reports
  • Real‑time updates via Server‑Sent Events (SSE)

The dashboard transforms LogWard from a simple log viewer into a proper security operations tool.

2. Official C# / .NET SDK

First‑class support for .NET 6/7/8 applications.

using LogWard;

var client = new LogWardClient(new LogWardOptions
{
    ApiUrl = "https://logward.dev",
    ApiKey = "lp_your_api_key",
    BatchSize = 100,
    FlushInterval = TimeSpan.FromSeconds(5)
});

// Simple logging
await client.InfoAsync("api-gateway", "Request processed", new {
    method = "POST",
    path = "/api/users",
    duration_ms = 145
});

// ASP.NET Core middleware for auto‑logging
app.UseLogWard(client);

Key features

  • Automatic batching with configurable size and interval
  • Retry logic with exponential backoff
  • Circuit breaker pattern for fault tolerance
  • Query API for programmatic log searches
  • ASP.NET Core middleware for HTTP request logging
  • Full async/await support, thread‑safe

Full docs: /docs/sdks/csharp 📖

3. IP Reputation & GeoIP Enrichment

Incidents now include automatic IP reputation lookups and GeoIP data with map visualization, reducing manual investigation effort.

4. Organization Invitations

Team members can be invited via email with role assignment (admin/member). Features include managing pending invites, automatic membership on acceptance, and invitation expiration handling.

5. Horizontal Scaling Documentation

Comprehensive guide for scaling LogWard across multiple instances using Traefik as a reverse proxy with load balancing. Topics covered:

  • Docker Compose overlay for scaled deployments
  • Sticky sessions for SSE connections
  • Health‑check configuration
  • Environment variables for scaling

What We’ve Learned

  • SIEM ≠ Just Alerts – Managing alerts (ownership, investigation progress, noise reduction) is the real challenge. The new incident workflow addresses this.
  • SDK adoption matters – After releasing Python, PHP, and Kotlin SDKs, 40 % of new users chose SDK‑based ingestion. The C# SDK should unlock .NET shops.
  • Enrichment cost – IP reputation lookups add ~200 ms per incident. Aggressive caching (60‑minute TTL) and async enrichment keep the detection pipeline performant.

What’s Next: Roadmap

We track our roadmap publicly on GitHub Issues.

Polish & Performance

  • Light mode support (#41)
  • Keyboard shortcuts (#42)
  • Enhanced stack trace visualization (#23)

Advanced Analytics

  • Log pattern detection & auto‑clustering (#21)
  • Anomaly detection (#22)
  • Service dependency graph (#40)

Enterprise Features

  • Saved searches & custom dashboards (#43)
  • Helm chart for Kubernetes (#45)
  • Migration guides from competitors (#44)

Full Observability Platform

  • OTLP Metrics ingestion (#4) – expand beyond logs to metrics and traces

We prioritize based on community feedback. Feel free to comment or upvote the relevant GitHub issues.

Try It Now

LogWard is AGPLv3‑licensed and ready to self‑host or try on the cloud.

  • Self‑Hosted: docker pull logward/backend:0.3.0 (Deployment Docs)
  • Cloud (Free Tier):
  • GitHub:

If you’re running .NET apps, the C# SDK is waiting for you. If you’re doing security monitoring, the SIEM dashboard changes the game.

Back to Blog

Related posts

Read more »

The Vibe Coding Paradox

My last PR for Nudges was +96 −312, touched 38 files, and was about 90 % vibe‑coded. I’m confident in it. While I was gliding through Hyrule, two different AI a...

Printable Flashcard Generator

Introduction Are you a visual learner? Have you ever used image‑based flashcards to memorize words or concepts more effectively? If so, you might find this pro...