
Zircolite

Free

Zircolite is a standalone Python 3 tool that applies Sigma rules to log files in several formats, including Microsoft Windows EVTX, Auditd, Sysmon for Linux, EVTXtract output, CSV, and XML. It is relatively fast because it relies on the Sigma SQLite backend: the events are loaded into an SQLite database and each rule, converted into an SQLite query, is run against that database. Results can be exported to multiple formats and destinations, including JSON, CSV, Splunk, Elastic, Zinc, and Timesketch. Zircolite can be run as a Python script or through the provided binaries.
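The SQLite approach described above, as an added example that is not Zircolite's own code: a few constructed process-creation events are loaded into an in-memory SQLite table with one TEXT column per field, and a minimal Sigma-style rule (hypothetical, written for this example) is translated into a parameterised query. The translation covers the contains/startswith/endswith modifiers, Sigma wildcards, a condition built from and/or/not, and a rule field that is absent from the dataset. Function names such as detect and sigma_to_sql, the sample events and the rule are all this example's own.

```python
import json
import re
import sqlite3

# Constructed sample events (flattened, EVTX-like JSON records); not real log data.
SAMPLE_EVENTS = [
    {"EventID": 1, "Channel": "Microsoft-Windows-Sysmon/Operational",
     "Image": "C:\\Windows\\System32\\cmd.exe",
     "CommandLine": "cmd.exe /c whoami", "User": "CORP\\alice"},
    {"EventID": 1, "Channel": "Microsoft-Windows-Sysmon/Operational",
     "Image": "C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe",
     "CommandLine": "powershell.exe -enc SQBFAFgA", "User": "CORP\\bob"},
    {"EventID": 4688, "Channel": "Security",
     "NewProcessName": "C:\\Windows\\System32\\notepad.exe",
     "CommandLine": "notepad.exe", "User": "CORP\\carol"},
]

# Hypothetical Sigma-style rule written for this example (not a rule from any ruleset).
RULE = {
    "title": "Encoded PowerShell command line",
    "logsource": {"product": "windows", "category": "process_creation"},
    "detection": {
        "selection": {"EventID": 1,
                      "Image|endswith": "\\powershell.exe",
                      "CommandLine|contains": " -enc "},
        "filter": {"User|endswith": "\\svc_backup"},
        "condition": "selection and not filter",
    },
}

ESC = "^"  # LIKE escape character; chosen so Windows backslashes stay literal


def _like_pattern(value: str) -> str:
    """Escape LIKE metacharacters in a literal, then map Sigma wildcards (* ?) to LIKE (% _)."""
    s = value.replace(ESC, ESC + ESC).replace("%", ESC + "%").replace("_", ESC + "_")
    return s.replace("*", "%").replace("?", "_")


def load_events(conn, events, table="logs"):
    """Create one TEXT column per distinct field and insert every event; returns the column list."""
    columns = sorted({k for e in events for k in e})
    conn.execute(f'CREATE TABLE "{table}" ({", ".join(f"{chr(34)}{c}{chr(34)} TEXT" for c in columns)})')
    rows = [tuple(None if e.get(c) is None else str(e[c]) for c in columns) for e in events]
    conn.executemany(
        f'INSERT INTO "{table}" ({", ".join(f"{chr(34)}{c}{chr(34)}" for c in columns)}) '
        f'VALUES ({", ".join("?" for _ in columns)})', rows)
    return columns


def _field_clause(spec, value, columns):
    """One 'Field|modifier: value(s)' entry -> (SQL fragment, bound parameters)."""
    field, _, modifier = spec.partition("|")
    if field not in columns:
        return "0", []  # field never appears in this dataset: the entry cannot match
    col = f'"{field}"'
    parts, params = [], []
    for v in (value if isinstance(value, list) else [value]):  # a list is OR-ed
        v = str(v)
        if modifier == "contains":
            parts.append(f"{col} LIKE ? ESCAPE '{ESC}'"); params.append("%" + _like_pattern(v) + "%")
        elif modifier == "startswith":
            parts.append(f"{col} LIKE ? ESCAPE '{ESC}'"); params.append(_like_pattern(v) + "%")
        elif modifier == "endswith":
            parts.append(f"{col} LIKE ? ESCAPE '{ESC}'"); params.append("%" + _like_pattern(v))
        elif modifier == "":
            if "*" in v or "?" in v:
                parts.append(f"{col} LIKE ? ESCAPE '{ESC}'"); params.append(_like_pattern(v))
            else:  # Sigma string matching is case-insensitive, as is SQLite LIKE for ASCII
                parts.append(f"{col} = ? COLLATE NOCASE"); params.append(v)
        else:
            raise ValueError(f"unsupported modifier: {modifier}")
    return "(" + " OR ".join(parts) + ")", params


def _selection_clause(selection, columns):
    """A map is AND over its entries; a list of maps is OR over the maps."""
    items = selection if isinstance(selection, list) else [selection]
    clauses, params = [], []
    for item in items:
        sub = [_field_clause(k, v, columns) for k, v in item.items()]
        clauses.append("(" + " AND ".join(c for c, _ in sub) + ")")
        params.extend(p for _, ps in sub for p in ps)
    return "(" + " OR ".join(clauses) + ")", params


def sigma_to_sql(rule, columns, table="logs"):
    """Translate the rule's condition into a parameterised SELECT (values are bound, never inlined)."""
    detection, params = rule["detection"], []

    def substitute(m):  # re.sub walks left to right, so parameter order follows the query
        name = m.group(0)
        if name in ("and", "or", "not"):
            return name.upper()
        if name == "condition" or name not in detection:
            raise ValueError(f"unknown selection identifier: {name}")
        clause, p = _selection_clause(detection[name], columns)
        params.extend(p)
        return clause

    where = re.sub(r"[A-Za-z_][A-Za-z0-9_]*", substitute, detection["condition"])
    return f'SELECT * FROM "{table}" WHERE {where}', params


def detect(events, rule):
    """Load the events into an in-memory database, run the rule, return matching events as dicts."""
    conn = sqlite3.connect(":memory:")
    conn.row_factory = sqlite3.Row
    columns = load_events(conn, events)
    sql, params = sigma_to_sql(rule, columns)
    hits = [dict(r) for r in conn.execute(sql, params).fetchall()]
    conn.close()
    return hits


if __name__ == "__main__":
    for hit in detect(SAMPLE_EVENTS, RULE):
        print(json.dumps({"rule": RULE["title"], "event": hit}))
```

Only the second event (the encoded PowerShell launch by CORP\bob) matches. Rule values are passed as bound parameters, so a crafted ruleset cannot inject SQL into the query, and a rule that names a field missing from the dataset simply produces no hits instead of an error.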

ALTERNATIVES

A Security Information and Event Management (SIEM) system with a focus on security and minimalism.

Free

Python library and command line tools for log visualization with interactive plots.

Free

Converts Sigma and Yara rules to CRYPTTECH's SIEM query language.

Free

Serverless, real-time data analysis framework for incident detection and response.

Free

Apache Metron is a centralized tool for security monitoring and analysis that integrates various open-source big data technologies.

Free

AlienVault OSSIM provides an all-in-one security management solution with asset discovery, vulnerability assessment, and SIEM capabilities.

Free

Investigate malicious logons by visualizing and analyzing Windows Active Directory event logs with LogonTracer.

Free

Search AWS CloudWatch logs on the command line with aws-sdk-for-go.

Free
