StreamAlert

Free

StreamAlert is a serverless, real-time data analysis framework that lets you ingest, analyze, and alert on data from any environment. Security teams use it to scan terabytes of log data per day for incident detection and response. Rules are written in Python, logs and alerts can be searched retroactively, and deployment is automated and secure by design. It supports dozens of log types, ships with a collection of community rules, and is fully open source and customizable.
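What a Python detection rule looks like in practice, as an added example that is not StreamAlert's own code: two CloudTrail rules (root console login, audit-log tampering) evaluated over a few constructed CloudTrail-like records. The `rule` decorator here is a local stand-in so the block runs without the streamalert package; its `logs`/`outputs` argument names mirror the project's convention but are an assumption, and the real decorator also binds a rule to the configured log schema and alert outputs.

```python
import json

# Registry populated by the @rule decorator below.
RULES = []


def rule(logs, outputs):
    """Register a detection rule for the given log types and alert outputs.

    Local stand-in for StreamAlert's decorator (argument names are an
    assumption); the real one lives in the streamalert package and also
    binds the rule to the log schema and output configuration.
    """
    def decorator(func):
        RULES.append({"name": func.__name__, "logs": set(logs),
                      "outputs": list(outputs), "func": func})
        return func
    return decorator


@rule(logs=["cloudtrail:events"], outputs=["aws-sns:security-alerts"])
def cloudtrail_root_console_login(rec):
    """Successful interactive console login as the AWS account root user."""
    return (rec.get("eventName") == "ConsoleLogin"
            and rec.get("userIdentity", {}).get("type") == "Root"
            and rec.get("responseElements", {}).get("ConsoleLogin") == "Success")


@rule(logs=["cloudtrail:events"], outputs=["aws-sns:security-alerts"])
def cloudtrail_logging_tampered(rec):
    """A trail being stopped, deleted or altered: classic audit-log tampering."""
    return (rec.get("eventSource") == "cloudtrail.amazonaws.com"
            and rec.get("eventName") in {"StopLogging", "DeleteTrail", "UpdateTrail"})


def evaluate(log_type, record):
    """Run every rule registered for log_type over one parsed record.

    Returns [(rule_name, outputs)] for rules that fired. A rule that raises
    is surfaced as '<name>:error' instead of being swallowed, so a buggy
    rule cannot silently blind the pipeline.
    """
    fired = []
    for r in RULES:
        if log_type not in r["logs"]:
            continue
        try:
            if r["func"](record):
                fired.append((r["name"], r["outputs"]))
        except Exception as exc:  # a rule bug, not a property of the record
            fired.append((r["name"] + ":error", [repr(exc)]))
    return fired


# Constructed CloudTrail-like records (newline-delimited JSON), not real data.
SAMPLE_CLOUDTRAIL = """\
{"eventID": "evt-1", "eventSource": "signin.amazonaws.com", "eventName": "ConsoleLogin", "userIdentity": {"type": "Root"}, "responseElements": {"ConsoleLogin": "Success"}}
{"eventID": "evt-2", "eventSource": "cloudtrail.amazonaws.com", "eventName": "StopLogging", "userIdentity": {"type": "IAMUser", "userName": "deploy"}}
{"eventID": "evt-3", "eventSource": "ec2.amazonaws.com", "eventName": "DescribeInstances", "userIdentity": {"type": "IAMUser", "userName": "deploy"}}
{"eventID": "evt-4", "eventSource": "signin.amazonaws.com", "eventName": "ConsoleLogin", "userIdentity": {"type": "Root"}, "responseElements": {"ConsoleLogin": "Failure"}}
"""


def run_samples(raw=SAMPLE_CLOUDTRAIL, log_type="cloudtrail:events"):
    """Parse the sample stream and return {eventID: [names of rules that fired]}."""
    results = {}
    for line in raw.splitlines():
        if not line.strip():
            continue
        rec = json.loads(line)
        results[rec["eventID"]] = [name for name, _ in evaluate(log_type, rec)]
    return results


if __name__ == "__main__":
    for event_id, names in run_samples().items():
        print(event_id, "->", names or "no alert")
```

Note that evt-4 (a failed root login) deliberately does not fire: rather than loosening the success check, a failed-root-login condition belongs in its own rule with its own output routing, since the two events mean different things to a responder. Rules only see fields that survive parsing, so every lookup uses `.get()` against a possibly absent nested object instead of assuming the schema.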

ALTERNATIVES

Sysdig is a system visibility tool with native container support.

Free

A toolset for collecting and processing netflow/ipfix and sflow data from netflow/sflow compatible devices.

Free

AlienVault OSSIM provides an all-in-one security management solution with asset discovery, vulnerability assessment, and SIEM capabilities.

Free

A Security Information and Event Management (SIEM) system with a focus on security and minimalism.

Free

An Event Hub to gather, process, and monitor system events and link them to an inventory.

Free

A log management solution that optimizes SIEM performance, provides rapid search and troubleshooting, and meets compliance requirements.

Commercial

Procmon for Linux is a reimagining of the classic Procmon tool from Windows, allowing Linux developers to trace syscall activity efficiently.

Free

Logdissect is a CLI utility and Python library for analyzing log files and other data.

Free