Zircolite

Free

Zircolite is a standalone tool written in Python 3 that applies Sigma rules to various log formats, including MS Windows EVTX, Auditd, Sysmon for Linux, EVTXtract, CSV, and XML. It is relatively fast, using SQLite as its Sigma backend, and can export results to multiple formats such as JSON, CSV, Splunk, Elastic, Zinc, and Timesketch. Zircolite can be used directly in Python or through the provided binaries.

ALTERNATIVES

ElastAlert is a framework for alerting on anomalies in Elasticsearch data.

Free

An Event Hub to gather, process, and monitor system events and link them to an inventory.

Free

HoneyView is a tool for analyzing honeyd logfiles graphically and textually.

Free

A Security Information and Event Management (SIEM) system with a focus on security and minimalism.

Free

A log management solution that optimizes SIEM performance, provides rapid search and troubleshooting, and meets compliance requirements.

Commercial

Sysmon for Linux is a tool that monitors and logs system activity with advanced filtering to identify malicious activity.

Free

A visualization app for hpfeeds logs.

Free

Apache Metron is a centralized tool for security monitoring and analysis that integrates various open-source big data technologies.

Free