Logdissect is a CLI utility and Python library for analyzing log files and other data. It can parse, merge, filter, and export data (to log files or to JSON).

Installing: To install the latest release, see the instructions on the releases page. To install the development source, see the instructions in CONTRIBUTING.md.

Usage options:

  usage: logdissect.py [-h] [--dhost DHOST] [--grep PATTERN] [--last LAST]
                       [--process PROCESS] [--protocol PROTOCOL] [--range RANGE]
                       [--utc] [--rdhost DHOST] [--rgrep PATTERN]
                       [--rprocess PROCESS] [--rprotocol PROTOCOL] [--rshost SHOST]
                       [--rsource SOURCE] [--shost SHOST] [--source SOURCE]
                       [--linejson LINEJSON] [--outlog OUTLOG] [--label LABEL]
                       [--sojson SOJSON] [--pretty] [--version] [--verbose] [-s]
                       [--list-parsers] [-p PARSER] [-z] [-t TZONE]
                       [file [file ...]]

For library documentation, see the module documentation.
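The parse, merge, filter and export steps the description lists, as an added example written for this page; it is not logdissect's own code and does not use its API. It implements a small version of the same pipeline over classic BSD syslog lines: parse each line into fields, merge several sources into one chronological stream, apply grep / reverse-grep / host / process / time-range filters (named after the CLI options above, but the function names, field names and the partial-timestamp padding rule are this example's own assumptions), and export the result as JSON. The two log excerpts are constructed for the example.

```python
"""Minimal syslog parse/merge/filter/export pipeline in the spirit of logdissect.

Added example: not logdissect's code or API. Function and field names are
this example's own; the log lines below are constructed.
"""
import json
import re
from datetime import datetime

# Classic BSD syslog line: "Mon DD HH:MM:SS host process[pid]: message".
SYSLOG_RE = re.compile(
    r"^(?P<month>[A-Z][a-z]{2})\s+(?P<day>\d{1,2})\s+(?P<time>\d{2}:\d{2}:\d{2})\s+"
    r"(?P<host>\S+)\s+(?P<process>[^\s:\[]+)(?:\[(?P<pid>\d+)\])?:\s*(?P<message>.*)$"
)


def parse_line(line, year=2024, source="stdin"):
    """Parse one syslog line into a dict; return None for lines that do not match.

    BSD syslog carries no year, so the caller supplies one (assumption: 2024).
    """
    m = SYSLOG_RE.match(line.rstrip("\n"))
    if not m:
        return None
    d = m.groupdict()
    ts = datetime.strptime(f"{year} {d['month']} {d['day']} {d['time']}",
                           "%Y %b %d %H:%M:%S")
    return {
        "timestamp": ts.strftime("%Y%m%d%H%M%S"),   # sortable, 14 digits
        "shost": d["host"],
        "process": d["process"],
        "pid": int(d["pid"]) if d["pid"] else None,
        "message": d["message"],
        "source": source,
    }


def parse_source(name, text, year=2024):
    """Parse a whole file's text, tagging each entry with its source name."""
    return [e for e in (parse_line(l, year, name) for l in text.splitlines()) if e]


def merge(*entry_lists):
    """Merge entries from several sources into one stream ordered by timestamp."""
    return sorted((e for lst in entry_lists for e in lst), key=lambda e: e["timestamp"])


def filter_entries(entries, grep=None, rgrep=None, shost=None, process=None, range_=None):
    """Keep entries matching every given filter.

    grep/rgrep are regexes on the message (rgrep excludes matches); range_ is
    "start-end" with timestamps of up to 14 digits; shorter values are treated
    as prefixes (start padded with 0, end padded with 9).
    """
    grep_re = re.compile(grep) if grep else None
    rgrep_re = re.compile(rgrep) if rgrep else None
    start, end = range_.split("-") if range_ else (None, None)
    out = []
    for e in entries:
        if grep_re and not grep_re.search(e["message"]):
            continue
        if rgrep_re and rgrep_re.search(e["message"]):
            continue
        if shost and e["shost"] != shost:
            continue
        if process and e["process"] != process:
            continue
        if start and e["timestamp"] < start.ljust(14, "0"):
            continue
        if end and e["timestamp"] > end.ljust(14, "9"):
            continue
        out.append(e)
    return out


def to_json(entries, pretty=False):
    """Export all entries as one JSON object (a single-object export)."""
    return json.dumps({"entries": entries}, indent=2 if pretty else None)


def to_json_lines(entries):
    """Export one JSON object per line (a line-per-entry export)."""
    return "\n".join(json.dumps(e) for e in entries)


# Constructed sample input (not real logs).
AUTH_LOG = """\
Mar  1 09:15:02 web01 sshd[2210]: Failed password for invalid user admin from 203.0.113.7 port 51022 ssh2
Mar  1 09:15:05 web01 sshd[2210]: Failed password for invalid user admin from 203.0.113.7 port 51022 ssh2
Mar  1 09:16:40 web01 sshd[2231]: Accepted publickey for deploy from 198.51.100.9 port 40112 ssh2
"""
SYSLOG = """\
Mar  1 09:14:58 db01 cron[991]: (root) CMD (run-parts /etc/cron.hourly)
Mar  1 09:15:03 web01 kernel: [12345.678] eth0: link up
this line is not syslog and is skipped
"""


def demo():
    """Merge both sources, then show a grep+host filter and a time-range filter."""
    merged = merge(parse_source("auth.log", AUTH_LOG), parse_source("syslog", SYSLOG))
    failures = filter_entries(merged, grep=r"Failed password", shost="web01")
    window = filter_entries(merged, range_="20240301091500-20240301091510")
    return merged, failures, window


if __name__ == "__main__":
    merged, failures, window = demo()
    print(to_json(failures, pretty=True))
    print(to_json_lines(window))
```

Lines that do not match the expected format are dropped rather than raising, which is the behaviour you want when merging mixed sources; if you need to know what was skipped, count the `None` results in `parse_source` instead of filtering them out silently.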
SIMILAR TOOLS
SysmonSearch makes event log analysis more effective by aggregating Microsoft Sysmon logs and providing detailed analysis through Elasticsearch and Kibana.
Investigate malicious logons by visualizing and analyzing Windows Active Directory event logs with LogonTracer.
Sysmon for Linux is a tool that monitors and logs system activity with advanced filtering to identify malicious activity.
A logging proxy tool created in response to the 'MongoDB Apocalypse', with Docker support.