SysmonSearch
A tool collection for filtering and visualizing logon events, designed for experienced DFIR specialists in threat hunting and incident response.
Security Information and Event Management solutions for log management and security monitoring
ELAT (Event Log Analysis Tool) helps analyze Windows event logs for malware detection.
A service that analyzes and visualizes security data to investigate potential security issues.
SysmonSearch makes event log analysis more effective by aggregating Microsoft Sysmon logs and providing detailed analysis through Elasticsearch and Kibana.
Graylog offers advanced log management and SIEM capabilities to enhance security and compliance across various industries.
Open source security data lake for AWS with real-time log normalization and Detection-as-Code capabilities.
Elastic is the premier provider of software enabling real-time usability of structured and unstructured data for search, logging, security, and analytics. At its core, Elasticsearch, a distributed, RESTful search and analytics engine, powers the Elastic Stack, centralizing data for both predictable insights and unexpected discoveries. Elastic Security offers a comprehensive, free, and open solution for SIEM, endpoint security, threat hunting, and cloud monitoring, empowering teams to proactively defend against threats and secure sensitive information.
Graylog is a leading centralized log management solution designed for modern log analytics, empowering teams to efficiently consolidate, enrich, correlate, query, and visualize all log data in a single, cost-effective platform. It provides IT professionals with scalable, real-time insights into machine data, enabling faster resolution of security, compliance, operational, and DevOps challenges. Purpose-built to remove complexity, Graylog facilitates streamlined data exploration, threat hunting, and compliance audits, ensuring teams can quickly extract meaning and act decisively.
Sysdig empowers organizations to achieve robust cloud and container security and reliability. By offering a unified platform, Sysdig enables security teams to proactively identify and remediate software vulnerabilities, detect and respond to sophisticated threats, and maintain essential cloud configurations, permissions, and compliance. Gain unparalleled visibility from code to production, eliminating blind spots and guesswork for a truly secure cloud environment.