ElastAlert is a simple framework for alerting on anomalies, spikes, or other patterns of interest from data in Elasticsearch. It works with all versions of Elasticsearch and is designed to be reliable, highly modular, and easy to set up and configure. At Yelp, ElastAlert was created out of the need for a companion tool for alerting on inconsistencies in data managed with Elasticsearch, Logstash, and Kibana.
FEATURES
SIMILAR TOOLS
A dynamic GUI for advanced log analysis, allowing users to execute SQL queries on structured log data.
Windows Event Log Analyzer with logon timeline generator and noise reduction for fast forensics.
AlienVault OSSIM provides an all-in-one security management solution with asset discovery, vulnerability assessment, and SIEM capabilities.
Elastic is a search-powered AI company that enables users to find answers from all data in real-time at scale.
SysmonSearch makes event log analysis more effective by aggregating Microsoft Sysmon logs and providing detailed analysis through Elasticsearch and Kibana.
Investigate malicious logons by visualizing and analyzing Windows Active Directory event logs with LogonTracer.
PINNED

Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.

Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.

DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.