A collection of free shareable log samples from various systems with evidence of compromise and malicious activity, maintained by Dr. Anton Chuvakin.
Zentral is an event hub to gather, process, and monitor system events and link them to an inventory. The Zentral docs are in the docs directory and are published at https://docs.zentral.io. The latest release information is on GitHub.
Sysdig is a system visibility tool with native container support.
ElastAlert is a framework for alerting on anomalies in Elasticsearch data.
Windows Event Log Analyzer with logon timeline generator and noise reduction for fast forensics.
A framework for generating log events without the need for infrastructure, allowing for simple, repeatable, and randomized log event creation.
Investigate malicious logons by visualizing and analyzing Windows Active Directory event logs with LogonTracer.