CustosDocumentation
Guides for installation, integrations, and product features. Click a topic for a summary; open the full guide for complete details.
Documentation is organized by topic. Click a card for a quick summary, or open the full guide for complete details. New topics are published as dedicated pages under /docs/ as the product grows.
!
Emergency recovery
DNS: Settings → DNS → Restore DNS to Default NOW, Dashboard → Restore DNS NIC, or Helper restore-dns-default.
Firewall: Firewall page → Emergency unblock (removes inbound + outbound rules), Helper uninstall-cleanup, or delete CustosXI Block * and CustosXI Block * (OUT) in Windows Firewall.
1
Installation and requirements
Install CustosXI with the official CustosXI-Setup.exe. The bundle includes .NET 10 and may install Windows App SDK Runtime 1.8. Administrator rights are required.
Npcap, Suricata, PostgreSQL server, GeoLite2, and external API feeds are never part of the installer.
NP
Npcap
Required for live capture via SharpPcap. Without Npcap, DNS sinkhole, firewall, blacklist, and most UI features still work.
Use WinPcap API-compatible mode when installing. CustosXI shows an in-app banner when Npcap is missing.
SI
Suricata integration
Suricata is a separate GPL v2 project. CustosXI configures paths, optional process control, rule updates, and alert correlation - you install and operate Suricata itself.
DB
Database storage
SQLite (custosxi.db) is the default for personal and lab use - recommended up to ~2 GB. Size can grow quickly with capture, retention, and add-ons; set limits early.
PostgreSQL suits larger timelines when you run your own server (migration built into Settings).
LG
Logging and Log Center
Seven local log categories (App, Error, Audit, Navigation, Ipc, Security, Perf) with Production / Diagnostic / Audit-only presets.
Log Center browses files, filters by level, search, live tail, and copy lines for support.
Credits and licenses: Third-party notices · In-app Settings → About → View Third-Party Licenses.