Logdissect Logo

Logdissect

0
Free
Visit Website

Logdissect is a CLI utility and Python library for analyzing log files and other data. It can parse, merge, filter, and export data (to log files, or JSON). Installing: To install the latest release, see the latest instructions on the releases page. To install the development source, see the instructions in CONTRIBUTING.md. Usage Options: usage: logdissect.py [-h] [--dhost DHOST] [--grep PATTERN] [--last LAST] [--process PROCESS] [--protocol PROTOCOL] [--range RANGE] [--utc] [--rdhost DHOST] [--rgrep PATTERN] [--rprocess PROCESS] [--rprotocol PROTOCOL] [--rshost SHOST] [--rsource SOURCE] [--shost SHOST] [--source SOURCE] [--linejson LINEJSON] [--outlog OUTLOG] [--label LABEL] [--sojson SOJSON] [--pretty] [--version] [--verbose] [-s] [--list-parsers] [-p PARSER] [-z] [-t TZONE] [file [file ...]] For library documentation, see the module documentation.

FEATURES

ALTERNATIVES

A tool for advanced HTTPD logfile security analysis and forensics, implementing various techniques to detect attacks against web applications.

Free

An Event Hub to gather, process, and monitor system events and link them to an inventory.

Free

Apache Metron is a centralized tool for security monitoring and analysis that integrates various open-source big data technologies.

Free

A toolset for collecting and processing netflow/ipfix and sflow data from netflow/sflow compatible devices.

Free

Converts Sigma and Yara rules to CRYPTTECH's SIEM query language.

Free

Windows Event Log Analyzer with logon timeline generator and noise reduction for fast forensics.

Free

A collection of detections for Panther SIEM with detailed setup instructions.

Free

A collection of free shareable log samples from various systems with evidence of compromise and malicious activity, maintained by Dr. Anton Chuvakin.

Free