quadrantsec / sagan
Sagan is a multi-threads, high performance log analysis engine. At it's core, Sagan similar to Suricata/Snort but with logs rather than network packets.
☆164Updated 3 months ago
Alternatives and similar repositories for sagan:
Users that are interested in sagan are comparing it to the libraries listed below
- Suricata rules for network anomaly detection☆155Updated 3 weeks ago
- Open source endpoint agent providing host information to Zeek. [v2]☆75Updated 3 months ago
- ☆29Updated this week
- A curated list of awesome things related to Suricata☆155Updated last month
- Suricata Extreme Performance Tuning guide - Mark II☆115Updated 6 years ago
- DynamiteNSM is a free Network Security Monitor developed by Dynamite Analytics to enable network visibility and advanced cyber threat det…☆169Updated last year
- Zeek IDS Dockerfile☆100Updated 2 years ago
- Convert pcap files into richly-typed ZNG summary logs (Zeek, Suricata, and more)☆78Updated 4 months ago
- The OTX Suricata Rule Generator can be used to create the rules and configuration for Suricata to alert on indicators from your OTX accou…☆108Updated 9 months ago
- Suricata Verification Tests - Testing Suricata Output☆103Updated this week
- The tool for updating your Suricata rules.☆264Updated 2 months ago
- Web Based Event Viewer (GUI) for Suricata EVE Events in Elastic Search☆443Updated this week
- Meer is a "spooler" for Suricata / Sagan.☆29Updated last year
- 🚌 Threat Bus – A threat intelligence dissemination layer for open-source security tools.☆262Updated last year
- The Security Analyst’s Guide to Suricata☆54Updated 8 months ago
- Suricata Extreme Performance Tuning guide☆207Updated 6 years ago
- Kibana 7 Templates for Suricata IDPS Threat Hunting☆40Updated 2 years ago
- Argus Sensor☆58Updated last month
- Open Source SIEM (Security Information and Event Management system).☆203Updated last year
- ☆49Updated this week
- Malcolm is a powerful, easily deployable network traffic analysis tool suite for full packet capture artifacts (PCAP files), Zeek logs an…☆379Updated this week
- A Ruleset to enhance detection capabilities of Ossec using Sysmon☆87Updated 2 years ago
- Tool for managing Zeek deployments.☆54Updated last month
- OASIS Cyber Threat Intelligence (CTI) TC: A repository for commonly used STIX objects in order to avoid needless duplication. https://gi…☆89Updated this week
- Suricata, Snort and Zeek IDS rule and pcap testing system☆469Updated last month
- PcapMonkey will provide an easy way to analyze pcap using the latest version of Suricata and Zeek.☆150Updated 11 months ago
- Docker configurations for TheHive, Cortex and 3rd party tools☆117Updated 2 years ago
- Scirius is a web application for Suricata ruleset management and threat hunting.☆641Updated 2 months ago
- fast, extensible, versatile event router for Suricata's EVE-JSON format☆51Updated 7 months ago
- Jimi is an automation first no-code platform designed and developed originally for Security Orchestration and Response. Since its launch …☆165Updated 7 months ago