ElastAlert is a simple framework for alerting on anomalies, spikes, or other patterns of interest from data in Elasticsearch. It works with all versions of Elasticsearch and is designed to be reliable, highly modular, and easy to set up and configure. At Yelp, ElastAlert was created out of the need for a companion tool for alerting on inconsistencies in data managed with Elasticsearch, Logstash, and Kibana.
FEATURES
SIMILAR TOOLS
AlienVault OSSIM provides an all-in-one security management solution with asset discovery, vulnerability assessment, and SIEM capabilities.
Investigate malicious logons by visualizing and analyzing Windows Active Directory event logs with LogonTracer.
HonnyPotter is a WordPress plugin that logs all failed login attempts, with a caution to use it at your own risk.
SysmonSearch makes event log analysis more effective by aggregating Microsoft Sysmon logs and providing detailed analysis through Elasticsearch and Kibana.
PINNED

Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.

Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.

DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.