Zircolite
Log analyzer
A standalone tool for analyzing and detecting security-related events in various Linux logs using SIGMA rules
A standalone SIGMA-based detection tool for EVTX, Auditd and Sysmon for Linux logs
684 stars
25 watching
91 forks
Language: Python
last commit: 3 months ago
Linked from 1 awesome list
auditddetectionevtxevtxtractforensicsforensics-toolspysigmapython3sigmasigma-rulessysmon
meirwah/awesome-incident-responseRelated projects:
| Repository | Description | Stars |
|---|---|---|
 sigmahq/sigma | A standardized format for describing log events to facilitate detection and analysis of security threats | 8,490 |
 dogoncouch/logesp | A security-focused application built with Python Django to manage and analyze log data from various sources. | 198 |
| dogoncouch/logdissect | Analyzes log files and other data from various sources and formats. | 148 |
 jensvoid/lorg | A tool to analyze and detect security incidents in web application logs | 209 |
 confluentinc/confluent-sigma | A tool for analyzing and visualizing log events using structured rules | 53 |
 agilescientific/striplog | Lithology and stratigraphic log analysis tool using Python | 205 |
 thiber-org/userline | Automates analysis of Windows Security Events to identify user logon relations | 241 |
 erickramirezds/cass_log_tools | A collection of scripts for analyzing and summarizing Apache Cassandra logs. | 9 |
 nshalabi/sysmontools | Utilities for analyzing and visualizing Windows event logs from Sysmon, helping users track and monitor system activity. | 1,492 |
 swall0w/torchstat | An analyzer tool for neural networks built on PyTorch | 1,468 |
 yamato-security/wela | Analyzes Windows Event Logs to identify security-related events and provides forensic tools for incident response. | 769 |
 monaxgt/parsefields | Tool for analyzing and structuring log data from JSON-like sources | 7 |
 jpcertcc/sysmonsearch | Analyzes Sysmon event logs to detect suspicious activity and visualize process and network correlations. | 419 |
 kugg/irule-detector | Detects and analyzes command injection vulnerabilities in iRules written in the Tool Command Language (Tcl), allowing for identification of potential security flaws. | 5 |
 esrlabs/chipmunk | A tool for analyzing and searching logfiles in large files | 611 |