Security Information and Event Management solutions for log management and security monitoring
A tool collection for filtering and visualizing logon events, designed for experienced DFIR specialists in threat hunting and incident response.
Democratizing graph-based security analysis by collecting assets and relationships from services and systems into an intuitive graph view.
A Security Information and Event Management (SIEM) system with a focus on security and minimalism.
HoneyView is a tool for analyzing honeyd logfiles graphically and textually.
A dynamic GUI for advanced log analysis, allowing users to execute SQL queries on structured log data.
Graylog offers advanced log management and SIEM capabilities to enhance security and compliance across various industries.
A collection of detections for Panther SIEM with detailed setup instructions.
A compliant audit log tool that provides a searchable, exportable record of read/write events.
Logdissect is a CLI utility and Python library for analyzing log files and other data.
SysmonSearch makes event log analysis more effective by aggregating Microsoft Sysmon logs and providing detailed analysis through Elasticsearch and Kibana.
A Command Line Map-Reduce tool for analyzing cowrie log files over time and creating visualizations and statistics.
A compliant audit log tool that provides a searchable, exportable record of read/write events.
A tool for advanced HTTPD logfile security analysis and forensics, implementing various techniques to detect attacks against web applications.
Apache Metron is a centralized tool for security monitoring and analysis that integrates various open-source big data technologies.
Access a repository of Analytic Stories and security guides mapped to industry frameworks, with Splunk searches, machine learning algorithms, and playbooks for threat detection and response.
A pure Python parser for Windows Event Log files with access to File and Chunk headers, record templates, and event entries.
Track user activity and API usage on AWS and in hybrid and multicloud environments.
A method for log volume reduction without losing analytical capability.
RedELK enhances Red Team operations with SIEM capabilities to monitor and alert on Blue Team activities.
A Command Line Map-Reduce tool for analyzing cowrie log files over time and creating visualizations and statistics.
A tool collection for filtering and visualizing logon events, designed for experienced DFIR specialists in threat hunting and incident response.
A cloud-native SIEM platform that provides security analytics, intuitive workflow, and simplified incident response to help security teams defend against cyber threats.
A framework for generating log events without the need for infrastructure, allowing for simple, repeatable, and randomized log event creation.
