113 Open source projects that are alternatives of or similar to graylog-zeek-content-pack

Documentation for Zeek

An extremely crude, lightweight Web Frontend for Suricata/Bro to be used with BriarIDS

Zeek is a powerful network analysis framework that is much different from the typical IDS you may know.

Network recon framework. Build your own, self-hosted and fully-controlled alternatives to Shodan / ZoomEye / Censys and GreyNoise, run your Passive DNS service, collect and analyse network intelligence from your sensors, and much more!

Bro IDS + ELK Stack to detect and block data exfiltration

Zeek IDS Dockerfile

A Zeek Network Security Monitor tutorial that will cover the basics of creating a Zeek instance on your network in addition to all of the necessary hardware and setup and finally provide some examples of how you can use the power of Zeek to have absolute control over your network.

Network recon framework, published by @cea-sec & @ANSSI-FR. Build your own, self-hosted and fully-controlled alternatives to Shodan / ZoomEye / Censys and GreyNoise, run your Passive DNS service, collect and analyse network intelligence from your sensors, and much more!

Oauth2 plugin for graylog project

Alert notification plugin for Graylog to generate log messages from alerts

[DEPRECATED] Graylog Pipeline Message Processor Plugins

Collector plugin for Graylog

Wazuh - Ansible playbook

A kubernetes controller running on bare-metal firewalls, creating nftables rules, configures suricata, collects network metrics

Real-time detection and defense against malicious network activity and policy violations (exploits, port-scanners, advertising, telemetry, state surveillance, etc.)

An IDS implementation using machine learning

Logback appender that sends GELF messages

Useful resources for Zeek(https://zeek.org/) (Bro(http://bro.org/))

Ready to run machine images

🐳 🐘 🚀 Easily setup a PHP project with Docker

Easily Expandable Wireless Intrusion Detection System

Wazuh - Tools for packages creation

Python logging handler for Graylog that sends messages in GELF (Graylog Extended Log Format).

Official Graylog Docker image

This project is a SIEM with SIRP and Threat Intel, all in one.

tool for logrus, let it easy to use

IDS using a port mirror, Snort and an alert -> RESTCONF utility

Library for logging on files, console, memory, email, rest, eventlog, syslog, slack, telegram, redis, logstash, elasticsearch, influxdb, graylog, Sentry, Twilio, ide debug messages and throw events for Delphi/Firemonkey/freepascal/.NET (Windows/Linux/OSX/IOS/Android).

Terraform Provider for Graylog

Fragscapy is a command-line tool to fuzz network protocols by automating the modification of outgoing network packets. It can run multiple successive tests to determine which options can be used to evade firewalls and IDS.

HTTP Monitor plugin for graylog

Detect x86 shellcode in files and traffic.

A CLI Graylog Client with Follow Mode

Graylog Processing Pipeline functions to enrich log messages with IoC information from threat intelligence databases

UTM Firewall on OpenBSD

Several bundled Graylog plugins to integrate with different AWS services like CloudTrail and FlowLogs.

A script using Docker to quickly bring up some honeypots exposing lots of services. For research, reconnaissance, and fun. (DISCLAIMER may not be fun, not to be taken internally, aim away from face)

Graylog input plugin for Elastic Beats

A plugin for Graylog which provides the possibility to send alerts to the Prometheus AlertManager API.

Wazuh - Amazon AWS Cloudformation

Vagrant boxes for Icinga 2, Icinga Web 2, modules, themes and integrations (Graphite, InfluxDB, Elastic, Graylog, etc.)

Flow-Indexer indexes flows found in chunked log files from bro,nfdump,syslog, or pcap files

Manage log collectors through Graylog

setup zeek, previously Bro IDS

Ansible role which installs and configures Graylog

Yara powered NIDS with high speed packet capture powered by PF_RING

Logback appender for sending GELF messages with zero additional dependencies.

Zeek network security monitor plugin that enables parsing of the S7 protocol

Centralize Management of Intrusion Detection System like Suricata Bro Ossec ...

Super short, fully unique, non-sequential and URL-friendly Ids

Icinga is a monitoring system which checks the availability of your network resources, notifies users of outages, and generates performance data for reporting.

Graylog alarm callback for Slack

Graylog Metrics Reporter Plugins

Machine learning based Intrusion detection system (IDS)

NLog target that pushes log messages to Graylog using the Http input.

Python logging handlers with GELF (Graylog Extended Log Format) support

Collector script for retrieving audit logs from the Office 365 API with file or network/graylog output.

Hashids, ported for Perl

Graylog API client for Go and terraform provider for Graylog