Zircolite

Log analyzer

A standalone tool for analyzing and detecting security-related events in various Linux logs using SIGMA rules

A standalone SIGMA-based detection tool for EVTX, Auditd and Sysmon for Linux logs

GitHub

684 stars
25 watching
91 forks
Language: Python
last commit: 28 days ago
Linked from 1 awesome list

auditddetectionevtxevtxtractforensicsforensics-toolspysigmapython3sigmasigma-rulessysmon

Backlinks from these awesome lists:

Related projects:

Repository Description Stars
sigmahq/sigma A standardized format for describing log events to facilitate detection and analysis of security threats 8,490
dogoncouch/logesp A security-focused application built with Python Django to manage and analyze log data from various sources. 198
dogoncouch/logdissect Analyzes log files and other data from various sources and formats. 148
jensvoid/lorg A tool to analyze and detect security incidents in web application logs 209
confluentinc/confluent-sigma A tool for analyzing and visualizing log events using structured rules 53
agilescientific/striplog Lithology and stratigraphic log analysis tool using Python 205
thiber-org/userline Automates analysis of Windows Security Events to identify user logon relations 241
erickramirezds/cass_log_tools A collection of scripts for analyzing and summarizing Apache Cassandra logs. 9
nshalabi/sysmontools Utilities for analyzing and visualizing Windows event logs from Sysmon, helping users track and monitor system activity. 1,492
swall0w/torchstat An analyzer tool for neural networks built on PyTorch 1,468
yamato-security/wela Analyzes Windows Event Logs to identify security-related events and provides forensic tools for incident response. 769
monaxgt/parsefields Tool for analyzing and structuring log data from JSON-like sources 7
jpcertcc/sysmonsearch Analyzes Sysmon event logs to detect suspicious activity and visualize process and network correlations. 419
kugg/irule-detector Detects and analyzes command injection vulnerabilities in iRules written in the Tool Command Language (Tcl), allowing for identification of potential security flaws. 5
esrlabs/chipmunk A tool for analyzing and searching logfiles in large files 611