Log Analysis
Explore 56 curated cybersecurity tools, with 14,601+ visitors searching for solutions
FEATURED
Password manager with end-to-end encryption and identity protection features
VPN service providing encrypted internet connections and privacy protection
Fractional CISO services for B2B companies to accelerate sales and compliance
Get Featured
Feature your product and reach thousands of professionals.
Real-time threat detection and monitoring platform with SIEM capabilities
Real-time threat detection and monitoring platform with SIEM capabilities
A security information and event management solution that collects, normalizes, and analyzes log data from across an organization's infrastructure to enhance threat detection and compliance reporting.
A security information and event management solution that collects, normalizes, and analyzes log data from across an organization's infrastructure to enhance threat detection and compliance reporting.
A data curation platform that automates security data collection, transformation and routing while reducing data volume and infrastructure costs.
A data curation platform that automates security data collection, transformation and routing while reducing data volume and infrastructure costs.
A comprehensive Linux log analysis tool that streamlines the investigation of security incidents by extracting and organizing critical details from supported log files.
A comprehensive Linux log analysis tool that streamlines the investigation of security incidents by extracting and organizing critical details from supported log files.
A collaborative platform that gathers and analyzes security data to help professionals identify and mitigate cyber threats.
A collaborative platform that gathers and analyzes security data to help professionals identify and mitigate cyber threats.
Varna is an AWS serverless security tool that monitors CloudTrail logs using Event Query Language to detect and alert on suspicious activities in cloud environments.
Varna is an AWS serverless security tool that monitors CloudTrail logs using Event Query Language to detect and alert on suspicious activities in cloud environments.
ALEAPP is a Python-based forensic tool for parsing Android logs, events, and protobuf data with both CLI and GUI interfaces.
ALEAPP is a Python-based forensic tool for parsing Android logs, events, and protobuf data with both CLI and GUI interfaces.
SSH Honeypot written in Go that records commands and IP addresses of attempted logins.
SSH Honeypot written in Go that records commands and IP addresses of attempted logins.
A module for loading Bro logs as tables in Osquery
A module for loading Bro logs as tables in Osquery
A tool that collects and displays user activity and system events on a Windows system.
A tool that collects and displays user activity and system events on a Windows system.
A dynamic GUI for advanced log analysis, allowing users to execute SQL queries on structured log data.
A dynamic GUI for advanced log analysis, allowing users to execute SQL queries on structured log data.
A tool for advanced HTTPD logfile security analysis and forensics, implementing various techniques to detect attacks against web applications.
A tool for advanced HTTPD logfile security analysis and forensics, implementing various techniques to detect attacks against web applications.
ZAT is a Python package that processes and analyzes Zeek network security data using machine learning libraries like Pandas, scikit-learn, Kafka, and Spark.
ZAT is a Python package that processes and analyzes Zeek network security data using machine learning libraries like Pandas, scikit-learn, Kafka, and Spark.
SALO is a framework that generates synthetic log events for security testing and research without requiring actual infrastructure or triggering real events.
SALO is a framework that generates synthetic log events for security testing and research without requiring actual infrastructure or triggering real events.
A comprehensive incident response and threat hunting tool for Google Cloud Platform, providing logs and forensic data for effective incident response and threat hunting.
A comprehensive incident response and threat hunting tool for Google Cloud Platform, providing logs and forensic data for effective incident response and threat hunting.
Logdissect is a CLI utility and Python library for analyzing log files and other data.
Logdissect is a CLI utility and Python library for analyzing log files and other data.
A community-driven repository of pre-built security analytics queries and rules for monitoring and detecting threats in Google Cloud environments across various log sources and activity types.
A community-driven repository of pre-built security analytics queries and rules for monitoring and detecting threats in Google Cloud environments across various log sources and activity types.
Fail2ban is a daemon that automatically bans IP addresses showing malicious behavior by monitoring log files and updating firewall rules to prevent brute-force attacks.
Fail2ban is a daemon that automatically bans IP addresses showing malicious behavior by monitoring log files and updating firewall rules to prevent brute-force attacks.
Medium interaction SSH honeypot for logging brute force attacks and shell interactions.
Medium interaction SSH honeypot for logging brute force attacks and shell interactions.
A collection of free shareable log samples from various systems with evidence of compromise and malicious activity, maintained by Dr. Anton Chuvakin.
A collection of free shareable log samples from various systems with evidence of compromise and malicious activity, maintained by Dr. Anton Chuvakin.
A report on detecting lateral movement through tracking event logs, updated to include analysis of various tools and commands used by attackers.
A report on detecting lateral movement through tracking event logs, updated to include analysis of various tools and commands used by attackers.
Browse a library of EQL analytics now natively integrated in Elasticsearch.
Browse a library of EQL analytics now natively integrated in Elasticsearch.
Standalone SIGMA-based detection tool for EVTX, Auditd, Sysmon for Linux, XML or JSONL/NDJSON Logs.
Standalone SIGMA-based detection tool for EVTX, Auditd, Sysmon for Linux, XML or JSONL/NDJSON Logs.
A PowerShell module for threat hunting and security analysis through Windows Event Log processing and malicious activity detection.
A PowerShell module for threat hunting and security analysis through Windows Event Log processing and malicious activity detection.
