SIEM for Log Analysis
Solutions for collecting, analyzing, and managing security logs and events. Task: Log AnalysisExplore 20 curated tools and resources
Search by name, description, or purpose... (⌘+K)
RELATED TASKS
PINNED
Promoted • 4 tools
Commercial
Consulting
Commercial
Application Security
Commercial
Cloud Security
Commercial
Application Security
Want your tool featured here?
Get maximum visibility with pinned placement
LATEST ADDITIONS
A security information and event management solution that collects, normalizes, and analyzes log data from across an organization's infrastructure to enhance threat detection and compliance reporting.
A security information and event management solution that collects, normalizes, and analyzes log data from across an organization's infrastructure to enhance threat detection and compliance reporting.
A tool that collects and displays user activity and system events on a Windows system.
A tool that collects and displays user activity and system events on a Windows system.
A dynamic GUI for advanced log analysis, allowing users to execute SQL queries on structured log data.
A dynamic GUI for advanced log analysis, allowing users to execute SQL queries on structured log data.
A tool for advanced HTTPD logfile security analysis and forensics, implementing various techniques to detect attacks against web applications.
Logdissect is a CLI utility and Python library for analyzing log files and other data.
Logdissect is a CLI utility and Python library for analyzing log files and other data.
A collection of free shareable log samples from various systems with evidence of compromise and malicious activity, maintained by Dr. Anton Chuvakin.
A collection of free shareable log samples from various systems with evidence of compromise and malicious activity, maintained by Dr. Anton Chuvakin.
Browse a library of EQL analytics now natively integrated in Elasticsearch.
Browse a library of EQL analytics now natively integrated in Elasticsearch.
Standalone SIGMA-based detection tool for EVTX, Auditd, Sysmon for Linux, XML or JSONL/NDJSON Logs.
Standalone SIGMA-based detection tool for EVTX, Auditd, Sysmon for Linux, XML or JSONL/NDJSON Logs.
Python application to translate Zeek logs into ElasticSearch's bulk load JSON format with detailed instructions and features.
Python application to translate Zeek logs into ElasticSearch's bulk load JSON format with detailed instructions and features.
ElastAlert is a framework for alerting on anomalies in Elasticsearch data.
A method for log volume reduction without losing analytical capability.
Open source security data lake for AWS with real-time log normalization and Detection-as-Code capabilities.
Open source security data lake for AWS with real-time log normalization and Detection-as-Code capabilities.
GrokEVT is a tool for reading Windows event log files and converting them to a human-readable format.
A community-led project focused on standardizing security event logs.
A community-led project focused on standardizing security event logs.
Serverless, real-time data analysis framework for incident detection and response.
Serverless, real-time data analysis framework for incident detection and response.
A tool collection for filtering and visualizing logon events, designed for experienced DFIR specialists in threat hunting and incident response.
A tool collection for filtering and visualizing logon events, designed for experienced DFIR specialists in threat hunting and incident response.
Search AWS CloudWatch logs on the command line with aws-sdk-for-go.
A Command Line Map-Reduce tool for analyzing cowrie log files over time and creating visualizations and statistics.
A Command Line Map-Reduce tool for analyzing cowrie log files over time and creating visualizations and statistics.
Graylog offers advanced log management and SIEM capabilities to enhance security and compliance across various industries.
Graylog offers advanced log management and SIEM capabilities to enhance security and compliance across various industries.