Free
LogonTracer View LogonTracer
A method for log volume reduction without losing analytical capability.
SIEM
Security Information and Event Management solutions for log management and security monitoring
Try these 57 AI SIEM Tools
Free
Logdissect View Logdissect
A cloud-native SIEM platform that provides security analytics, intuitive workflow, and simplified incident response to help security teams defend against cyber threats.
Free
LogSlash View LogSlash
Elasticsearch is a versatile platform for centralized data storage, fast search, and scalable analytics.
Free
LORG View LORG
Python library and command line tools for log visualization with interactive plots.
Free
Matano Open Source Security Data Lake View Matano Open Source Security Data Lake
A tool collection for filtering and visualizing logon events, designed for experienced DFIR specialists in threat hunting and incident response.
Free
MongoDB-HoneyProxy View MongoDB-HoneyProxy
A framework for generating log events without the need for infrastructure, allowing for simple, repeatable, and randomized log event creation.
Free
NodeSecure View NodeSecure
Open source security data lake for AWS with real-time log normalization and Detection-as-Code capabilities.
Free
nfdump View nfdump
A collection of free shareable log samples from various systems with evidence of compromise and malicious activity, maintained by Dr. Anton Chuvakin.
Free
Open Source Security Events Metadata (OSSEM) View Open Source Security Events Metadata (OSSEM)
A toolset for collecting and processing netflow/ipfix and sflow data from netflow/sflow compatible devices.
Free
OpenSOC View OpenSOC
AlienVault OSSIM provides an all-in-one security management solution with asset discovery, vulnerability assessment, and SIEM capabilities.
Free
Panther Detections View Panther Detections
Python application to translate Zeek logs into ElasticSearch's bulk load JSON format with detailed instructions and features.
Free
Procmon for Linux View Procmon for Linux
Graylog offers advanced log management and SIEM capabilities to enhance security and compliance across various industries.
Free
Public Security Log Sharing Site by Dr. Anton Chuvakin View Public Security Log Sharing Site by Dr. Anton Chuvakin
Apache Metron is a centralized tool for security monitoring and analysis that integrates various open-source big data technologies.
Free
python-evtx View python-evtx
Graylog offers advanced log management and SIEM capabilities to enhance security and compliance across various industries.
Free
Free
Free
Security-Guard View Security-Guard
Investigate malicious logons by visualizing and analyzing Windows Active Directory event logs with LogonTracer.
Free
Splunk Security Content View Splunk Security Content
A compliant audit log tool that provides a searchable, exportable record of read/write events.
Free
Starbase View Starbase
HonnyPotter is a WordPress plugin that logs all failed login attempts, with a caution to use it at your own risk.
Free
StreamAlert View StreamAlert
Sysmon for Linux is a tool that monitors and logs system activity with advanced filtering to identify malicious activity.
Free
Synthetic Adversarial Log Objects (SALO) View Synthetic Adversarial Log Objects (SALO)
A toolset for collecting and processing netflow/ipfix and sflow data from netflow/sflow compatible devices.
Free
Sysmon for Linux View Sysmon for Linux
A framework for generating log events without the need for infrastructure, allowing for simple, repeatable, and randomized log event creation.