Also, since this seems fairly new, do you have SOAR platform integration already? That's a major selling point these days, I need it to play well with automation.
Lastly, many have tried and failed to compete with Splunk's query language. Does this have a query language that can compete? I don't need it to detect threats out of the box, if I need a SIEM then I also need to rapidly change correlation logic and for that I need a good query language which is very rare even with top dollar traditional SIEMs.
My read of the license file is that there seems to be some purposefully introduced license confusion and mixing of proprietary/commercial non oss files into the same repo, which makes it really unclear if this is OSS per OSI definition, if running git log will taint a contributor.
The compiled binary assets are available under Apache 2.0, which appears to be a marketing tactic to capitalize on the name, while being completely unrelated to the actual source license, aka this is closer to free to use binary. IANAL but afaics most orgs should talk to a lawyer if they want to use this as OSS.
Moreover, this line in the readme also appears to be purposefully sowing confusion, "Panther is dual-licensed under the AGPLv3 and Apache-2.0 licenses." except they actually appear to redefine the common usage of dual license, to mean that parts of the code base are selectively licensed one or the other.
I'd originally just looked at the LICENCE.txt file in the top level, thinking this was presented as a standalone application suite from a single author / company - so I approached it with certain (perhaps naive) expectations.