Access a repository of Analytic Stories and security guides mapped to industry frameworks, with Splunk searches, machine learning algorithms, and playbooks for threat detection and response.
Retraced Audit Log Retraced is the easiest way to integrate a compliant audit log into your application. It provides a searchable, exportable record of read/write events. Client libraries are available for Go and Javascript. Documentation Please head to https://boxyhq.com/docs/retraced/overview for detailed documentation on how to get started with Retraced. Step by step tutorial video Running with docker-compose docker-compose up -d or npm run dev Note: ADMIN_ROOT_TOKEN has been set to dev so you can test the setup locally. Please remember to change this (and other relevant sensitive env vars/secrets) in production. Run an example to see how Retraced works Git checkout the Logs Viewer repo and run npm i followed by npm run dev to start an example which uses Retraced to show you some auto generated events. Refresh the UI a few times for the auto-generated audit logs to kick in. You can also ingest a few custom logs using the following curl command:- curl -X POST -H "Content-Type: application/json" -H "Authorization: token=dev" -d '{ "action": "some.record.created", "teamId": "boxyhq", "group": { "id": "dev", "name": "dev" }, "crud": "c", "created": "2023-01-16T15:48:44.573Z",
Access a repository of Analytic Stories and security guides mapped to industry frameworks, with Splunk searches, machine learning algorithms, and playbooks for threat detection and response.
SysmonSearch makes event log analysis more effective by aggregating Microsoft Sysmon logs and providing detailed analysis through Elasticsearch and Kibana.
GrokEVT is a tool for reading Windows event log files and converting them to a human-readable format.
Elastic is a search-powered AI company that enables users to find answers from all data in real-time at scale.
A visualization app for hpfeeds logs.
A toolset for collecting and processing netflow/ipfix and sflow data from netflow/sflow compatible devices.