SysmonSearch
SysmonSearch makes event log analysis more effective by aggregating Microsoft Sysmon logs and providing detailed analysis through Elasticsearch and Kibana.
MongoDB-HoneyProxy is a logging proxy tool created in response to the 'MongoDB Apocalypse'. Prerequisites: 'sudo apt-get install nodejs npm gcc g++'; MongoDB must also be installed for the proxy to function. Setup: create a MongoDB database, generate dummy data with JSON Generator, then clone the repository and run 'npm install'. Run the project with 'node index.js'. Docker version: build an image with 'docker build --tag="changeme" .', then run it with 'docker run -d -p 27017:27017 --name="changeme" changeme'. To open a shell inside the running container, use 'docker exec -it changeme bash'.
GrokEVT is a tool for reading Windows event log files and converting them to a human-readable format.
Track user activity and API usage on AWS and in hybrid and multicloud environments.
A cloud-native SIEM platform that provides security analytics, intuitive workflow, and simplified incident response to help security teams defend against cyber threats.
A centralized tool for security monitoring and analysis that integrates various open source big data technologies.
HoneyView is a tool for analyzing honeyd logfiles graphically and textually.