jasonish / simple-ids
A very simple way to try Suricata and EveBox
☆13 (updated last month)
Alternatives and similar repositories for simple-ids:
Users that are interested in simple-ids are comparing it to the libraries listed below
- Fast, extensible, versatile event router for Suricata's EVE-JSON format ☆50 (updated 2 weeks ago)
- Web-based event viewer (GUI) for Suricata EVE events in Elasticsearch ☆452 (updated last week)
- A tool to work on the Suricata stats.log file ☆28 (updated 9 years ago)
- Argus Sensor ☆61 (updated last week)
- Suricata Extreme Performance Tuning guide - Mark II ☆115 (updated 6 years ago)
- Suricata Verification Tests - testing Suricata output ☆105 (updated this week)
- Accurate, modular, scalable PCAP manipulation tool written in Go ☆87 (updated 11 months ago)
- A curated list of awesome things related to Suricata ☆158 (updated 3 weeks ago)
- Collection of Snort 2/3 rules ☆35 (updated 6 years ago)
- A Suricata Docker image ☆277 (updated last week)
- The tool for updating your Suricata rules ☆266 (updated 3 months ago)
- IDS using a port mirror, Snort and an alert -> RESTCONF utility ☆36 (updated 10 months ago)
- Argus clients program repo ☆22 (updated last week)
- eBPF agent to trace processes back to the SSH client IP ☆18 (updated last year)
- Open source endpoint agent providing host information to Zeek [v2] ☆79 (updated 5 months ago)
- Meer is a "spooler" for Suricata / Sagan ☆29 (updated last year)
- Plugin providing native AF_Packet support for Zeek ☆34 (updated 11 months ago)
- Kernel-based process monitoring on Linux endpoints for file system, TCP and UDP networking events and optionally DNS, HTTP and SYSLOG app… ☆60 (updated this week)
- An IPFIX library in Go ☆43 (updated last week)
- Malcolm is a powerful, easily deployable network traffic analysis tool suite for full packet capture artifacts (PCAP files), Zeek logs an… ☆392 (updated this week)
- YARA-powered NIDS with high-speed packet capture powered by PF_RING ☆69 (updated 10 months ago)
- Sample programs to access the API ☆80 (updated 2 weeks ago)
- An eBPF-based IPv4/IPv6 firewall with integrations for OpenZiti Zero-Trust Framework edge routers and tunnellers ☆50 (updated 2 weeks ago)
- An example of iptables-bpf with Go+eBPF ☆16 (updated 3 years ago)
- Sagan is a multi-threaded, high-performance log analysis engine. At its core, Sagan is similar to Suricata/Snort but with logs rather th… ☆166 (updated this week)