quadrantsec / sagan
Sagan is a multi-threads, high performance log analysis engine. At it's core, Sagan similar to Suricata/Snort but with logs rather than network packets.
☆166Updated 2 weeks ago
Alternatives and similar repositories for sagan:
Users that are interested in sagan are comparing it to the libraries listed below
- Suricata rules for network anomaly detection☆156Updated last week
- A curated list of awesome things related to Suricata☆157Updated 3 weeks ago
- Suricata Verification Tests - Testing Suricata Output☆105Updated this week
- Open source endpoint agent providing host information to Zeek. [v2]☆77Updated 5 months ago
- Suricata Extreme Performance Tuning guide☆206Updated 7 years ago
- ☆29Updated this week
- DynamiteNSM is a free Network Security Monitor developed by Dynamite Analytics to enable network visibility and advanced cyber threat det…☆170Updated last year
- The OTX Suricata Rule Generator can be used to create the rules and configuration for Suricata to alert on indicators from your OTX accou…☆109Updated 11 months ago
- Web Based Event Viewer (GUI) for Suricata EVE Events in Elastic Search☆449Updated 3 weeks ago
- Zeek IDS Dockerfile☆101Updated 2 years ago
- Suricata Extreme Performance Tuning guide - Mark II☆115Updated 6 years ago
- Meer is a "spooler" for Suricata / Sagan.☆29Updated last year
- ☆52Updated this week
- Malcolm is a powerful, easily deployable network traffic analysis tool suite for full packet capture artifacts (PCAP files), Zeek logs an…☆390Updated this week
- A Ruleset to enhance detection capabilities of Ossec using Sysmon☆91Updated 2 years ago
- Docker configurations for TheHive, Cortex and 3rd party tools☆119Updated 2 years ago
- Suricata, Snort and Zeek IDS rule and pcap testing system☆471Updated 2 months ago
- Convert pcap files into richly-typed ZNG summary logs (Zeek, Suricata, and more)☆79Updated 5 months ago
- Cyber Defence Monitoring Course Suite :: Suricata, Arkime (and others in the past)☆102Updated 9 months ago
- Open Source Security Information and event Management☆90Updated 9 years ago
- Kibana 7 Templates for Suricata IDPS Threat Hunting☆40Updated 2 years ago
- The tool for updating your Suricata rules.☆266Updated 3 months ago
- The Security Analyst’s Guide to Suricata☆54Updated 9 months ago
- Suricata IDS/IPS log analytics using the Elastic Stack.☆238Updated 3 years ago
- An application allowing users to explore, create, annotate, and share extensions of the MITRE ATT&CK® knowledge base. This repository con…☆346Updated last week
- ☆88Updated this week
- Tool for managing Zeek deployments.☆54Updated last week
- Wazuh - Ruleset☆438Updated 6 months ago
- Security event correlation engine for ELK stack☆435Updated 9 months ago
- An open standard for hashing network flows into identifiers, a.k.a "Community IDs".☆176Updated 6 months ago