security-onion
Sending your docker logs
| | security-onion | Sending your docker logs |
|---|---|---|
| Mentions | 3 | - |
| Stars | 2,900 | 1 |
| Growth | - | - |
| Activity | 3.9 | 0.0 |
| Last commit | about 3 years ago | over 4 years ago |
| Language | Shell | - |
| License | - | MIT License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
security-onion
-
Just a student who wants to start a career in forensics or pentest
https://github.com/Security-Onion-Solutions/security-onion for playing with blue team tools
- FOSS SIEM for homelabs?
-
Application monitoring?
Otherwise, it sounds like a case for SIEM, but that can be a huge undertaking. As a trial you could set up a Security Onion Import Node, capture some traffic to a pcap file (via a monitor port and Wireshark etc., or some routers do this natively) and see what it gives you. I have to warn you though, it can be quite overwhelming and is the opening to an immense rabbit hole. Godspeed.
Sending your docker logs
We haven't tracked posts mentioning Sending your docker logs yet.
Tracking mentions began in Dec 2020.
What are some alternatives?
Wazuh - The Open Source Security Platform. Unified XDR and SIEM protection for endpoints and cloud workloads.
Octopussy - Open Source Log Management Solution
DetectionLab - Automate the creation of a lab environment complete with security tooling and logging best practices
Echofish - Central syslog manager with whitelisting and ability to generate events from syslog entries
cyberchef-recipes - A list of cyber-chef recipes and curated links
Hindsight - Lightweight data processing skeleton
Microsoft-365-Defender-Hunting-Queries - Sample queries for Advanced hunting in Microsoft 365 Defender
kibana - Your window into the Elastic Stack
snort-rules - An unofficial Git repository of Snort rules (IDS rules) releases. [UnavailableForLegalReasons - Repository access blocked]
Fluentd - Fluentd: Unified Logging Layer (project under CNCF)
awesome-pentest - A collection of awesome penetration testing resources, tools and other shiny things
Flume - Mirror of Apache Flume