Sagan is a multi-threads, high performance log analysis engine. At it's core, Sagan similar to Suricata/Snort but with logs rather than network packets.
☆193Oct 6, 2025Updated 5 months ago
Alternatives and similar repositories for sagan
Users that are interested in sagan are comparing it to the libraries listed below
Sorting:
- ☆35Feb 27, 2026Updated last week
- Meer is a "spooler" for Suricata / Sagan.☆30Jun 21, 2023Updated 2 years ago
- The official Prelude SIEM GitHub of https://www.prelude-siem.org☆40Jun 12, 2016Updated 9 years ago
- provides a Suricata Eve output for Kafka with Suricate Eve plugin☆15Nov 25, 2021Updated 4 years ago
- Endpoint detection for remote hosts for consumption by RITA and Elasticsearch☆79Feb 9, 2026Updated 3 weeks ago
- Web Based Event Viewer (GUI) for Suricata EVE Events in Elastic Search☆484Feb 19, 2026Updated 2 weeks ago
- Shell Language Processing (SLP). Pre-processing of sh/bash/zsh/.. commands for Machine Learning models.☆37Nov 26, 2025Updated 3 months ago
- collector/runner☆64Sep 6, 2025Updated 6 months ago
- A systemd-enabled Kali Linux Docker image, in the spirit of geerlingguy/docker-debian11-ansible.☆15Dec 31, 2025Updated 2 months ago
- netbeacon - monitoring your network capture, NIDS or network analysis process☆19Oct 26, 2013Updated 12 years ago
- The spell program from the 10th Edition Unix system☆10Jul 12, 2020Updated 5 years ago
- Passive service locator, a python sniffer that identifies servers, clients, names and much more☆259Feb 9, 2026Updated 3 weeks ago
- A method for grouping, clustering, and merging semi-structured alerts☆24Nov 15, 2024Updated last year
- Minimalistic WebUI for passiveDNS tool☆18May 6, 2021Updated 4 years ago
- CLI tool for testing Office documents with macros using MaliciousMacroBot☆12Dec 3, 2023Updated 2 years ago
- Wazuh - Virtual Machines (OVA and AMI)☆16Feb 27, 2026Updated last week
- My logstash plugins. Filter: sig (for security detect -> IOC, sig, New value, Reference, link, frequence, ...). Output: alert created by …☆10Jul 26, 2019Updated 6 years ago
- OpenControl Database☆11Jan 5, 2023Updated 3 years ago
- ☆14Sep 28, 2023Updated 2 years ago
- ☆35Jun 22, 2021Updated 4 years ago
- bro on debian with elasticsearch support☆24Mar 27, 2017Updated 8 years ago
- Tenzir is the data pipeline engine for security teams.☆725Updated this week
- Snort/Suricata DAQ module with DPDK patch☆11Apr 10, 2024Updated last year
- Beacon Kibana Executable Report. Aggregates Sysmon Network Events With Elasticsearch and Kibana☆299Feb 9, 2026Updated 3 weeks ago
- ☆13Feb 25, 2021Updated 5 years ago
- Busted. With duct tape, spit and tears. Brought to you by beer.☆12Nov 4, 2021Updated 4 years ago
- Core module for Forgiva Enterprise connecting Forgiva Server to Forgiva Webclient.☆13Mar 28, 2022Updated 3 years ago
- Carving tool based in Radare2 & Yara☆16Oct 30, 2018Updated 7 years ago
- Parse Suricata rules☆14Aug 1, 2023Updated 2 years ago
- This repo contains implementation of IP2Vec model which is used for learning similarities between IP Addresses☆13Oct 7, 2025Updated 4 months ago
- A curated list of awesome things related to Suricata☆221Nov 21, 2025Updated 3 months ago
- Simple helper to use ansible with vagrant☆13Dec 30, 2014Updated 11 years ago
- A robust, and flexible open source User & Entity Behavior Analytics (UEBA) framework used for Security Analytics. Developed with luv by D…☆467Updated this week
- Open-source framework to detect outliers in Elasticsearch events☆205May 22, 2023Updated 2 years ago
- ☆13Apr 8, 2022Updated 3 years ago
- Suricata rule and intel index☆33Jan 13, 2026Updated last month
- ☆14Jan 19, 2022Updated 4 years ago
- Public rules and samples for various automations through LimaCharlie.io☆14Dec 16, 2021Updated 4 years ago
- ☆12Jan 28, 2020Updated 6 years ago