SysmonSearch

Free

SysmonSearch makes event log analysis more effective and less time-consuming by aggregating the event logs generated by Microsoft's Sysmon.

System overview: SysmonSearch is built on Elasticsearch and Kibana (plus a Kibana plugin). Elasticsearch collects and stores Sysmon's event logs; Kibana provides the user interface for analysing them. The Kibana plugin implements the following functions:

- Visualize function - visualizes Sysmon's event logs to illustrate the correlation between processes and network activity.
- Statistical function - collects statistics per device or per Sysmon event ID.
- Monitor function - monitors incoming logs against preconfigured rules and triggers alerts.

The StixIoC server allows search and monitor conditions to be added by uploading STIX/IOC files. From the StixIoC server web UI you can upload files in STIXv1, STIXv2 and OpenIOC format.

To try SysmonSearch, either install the software in your own Linux environment using the provided instructions or use the Docker image. For more details, refer to the SysmonSearch wiki documentation.

ALTERNATIVES

- A dynamic GUI for advanced log analysis, allowing users to execute SQL queries on structured log data. (Free)
- IBM QRadar is a SIEM solution for real-time threat detection. (Free)
- HoneyView is a tool for analyzing honeyd logfiles graphically and textually. (Free)
- A visualization app for hpfeeds logs. (Free)
- Elastic is a search-powered AI company that enables users to find answers from all data in real-time at scale. (Commercial)
- Graylog offers advanced log management and SIEM capabilities to enhance security and compliance across various industries. (Free)
- Procmon for Linux is a reimagining of the classic Procmon tool from Windows, allowing Linux developers to trace syscall activity efficiently. (Free)
- RedELK enhances Red Team operations with SIEM capabilities to monitor and alert on Blue Team activities. (Free)
Copyright © 2024 - All rights reserved