sqlog
OpenSIEM-Logstash-Parsing
| | sqlog | OpenSIEM-Logstash-Parsing |
|---|---|---|
| Mentions | 1 | 2 |
| Stars | 7 | 174 |
| Growth | - | 0.0% |
| Activity | 4.8 | 8.6 |
| Latest commit | 3 months ago | 1 day ago |
| Language | Python | Python |
| License | Apache License 2.0 | Apache License 2.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
sqlog
- Minimally Invasive (and More Accurate) Analytics: GoAccess and Athena/SQL
  I do a similar thing for my site, but instead of renting a database cluster in the cloud, I wrote a small Python script that converts nginx log files into a SQLite database. https://github.com/ruuda/sqlog
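The approach the comment describes (nginx access log in, SQLite out, analytics via SQL) as an added example; this is not sqlog's own code. It parses nginx's "combined" log format, loads it with parameterised inserts, and runs one SQL query a defender would actually want: clients racking up 4xx responses across many paths, which is what a path scanner looks like. The log lines are constructed for the example, and the `requests` table and its column names are this example's own choices.

```python
"""Load nginx "combined" access-log lines into SQLite and query them with SQL.
Added example in the spirit of sqlog, not sqlog's code; sample lines are constructed."""
import re
import sqlite3
from datetime import datetime, timezone

# nginx "combined" log_format:
# $remote_addr - $remote_user [$time_local] "$request" $status $body_bytes_sent "$http_referer" "$http_user_agent"
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ (?P<user>\S+) \[(?P<time>[^\]]+)\] '
    r'"(?P<request>[^"]*)" (?P<status>\d{3}) (?P<bytes>\d+|-) '
    r'"(?P<referer>[^"]*)" "(?P<agent>[^"]*)"$'
)

# Table layout is this example's own choice (not sqlog's schema).
SCHEMA = """
CREATE TABLE IF NOT EXISTS requests (
    ts TEXT NOT NULL,          -- ISO 8601, normalised to UTC
    ip TEXT NOT NULL,
    user TEXT,
    request TEXT NOT NULL,     -- raw $request, kept even when malformed
    method TEXT, path TEXT, proto TEXT,  -- NULL unless $request was "METHOD PATH PROTO"
    status INTEGER NOT NULL,
    bytes INTEGER, referer TEXT, agent TEXT
);
CREATE INDEX IF NOT EXISTS idx_requests_ip ON requests(ip);
"""

# Constructed sample, not captured from a real server. It includes one non-log
# line and one nginx "-" request (client sent no valid request line).
SAMPLE_LOG = """\
203.0.113.7 - - [10/Oct/2023:13:55:36 +0000] "GET /index.html HTTP/1.1" 200 1024 "-" "Mozilla/5.0"
203.0.113.7 - - [10/Oct/2023:13:55:37 +0000] "GET /blog/ HTTP/1.1" 200 2048 "https://example.com/" "Mozilla/5.0"
198.51.100.23 - - [10/Oct/2023:13:56:01 +0000] "GET /wp-login.php HTTP/1.1" 404 153 "-" "python-requests/2.31"
198.51.100.23 - - [10/Oct/2023:13:56:01 +0000] "GET /.env HTTP/1.1" 404 153 "-" "python-requests/2.31"
198.51.100.23 - - [10/Oct/2023:13:56:02 +0000] "POST /xmlrpc.php HTTP/1.1" 403 0 "-" "python-requests/2.31"
192.0.2.9 - - [10/Oct/2023:13:57:10 +0000] "GET /index.html HTTP/1.1" 304 0 "-" "curl/8.1"
this line is not an nginx access-log entry
192.0.2.9 - - [10/Oct/2023:13:57:11 +0000] "-" 400 0 "-" "-"
"""


def _dash(s):
    """nginx writes "-" for empty fields; store those as NULL."""
    return None if s == "-" else s


def parse_line(line):
    """Parse one combined-format line into a row tuple, or None if it doesn't parse."""
    m = LINE_RE.match(line.rstrip("\r\n"))
    if not m:
        return None
    g = m.groupdict()
    try:
        ts = datetime.strptime(g["time"], "%d/%b/%Y:%H:%M:%S %z")
    except ValueError:
        return None
    # Only split $request when it has the expected three parts; "-" or junk
    # from a malformed client request is kept raw with NULL method/path/proto.
    parts = g["request"].split(" ")
    method, path, proto = parts if len(parts) == 3 else (None, None, None)
    return (
        ts.astimezone(timezone.utc).isoformat(), g["ip"], _dash(g["user"]),
        g["request"], method, path, proto, int(g["status"]),
        None if g["bytes"] == "-" else int(g["bytes"]),
        _dash(g["referer"]), _dash(g["agent"]),
    )


def load_log(conn, lines):
    """Insert every parseable line; return (inserted, rejected) counts."""
    conn.executescript(SCHEMA)
    rows, rejected = [], 0
    for line in lines:
        if not line.strip():
            continue
        row = parse_line(line)
        if row is None:
            rejected += 1
        else:
            rows.append(row)
    # Parameterised insert: every field is attacker-controlled text (paths,
    # user agents, referers) and must never be spliced into the SQL string.
    conn.executemany("INSERT INTO requests VALUES (?,?,?,?,?,?,?,?,?,?,?)", rows)
    conn.commit()
    return len(rows), rejected


def noisy_clients(conn, min_errors=3):
    """Clients with at least min_errors 4xx responses, with how many distinct
    paths they hit: a cheap signal for path scanners and login brute-forcers."""
    return conn.execute(
        """
        SELECT ip, COUNT(*) AS errors, COUNT(DISTINCT path) AS distinct_paths
        FROM requests
        WHERE status BETWEEN 400 AND 499
        GROUP BY ip
        HAVING COUNT(*) >= ?
        ORDER BY errors DESC, ip
        """,
        (min_errors,),
    ).fetchall()


def build_db(text, db_path=":memory:"):
    """Build (or extend) a SQLite database from access-log text; return the connection."""
    conn = sqlite3.connect(db_path)
    load_log(conn, text.splitlines())
    return conn


if __name__ == "__main__":
    db = build_db(SAMPLE_LOG)
    for ip, errors, paths in noisy_clients(db):
        print(f"{ip}: {errors} client errors across {paths} distinct paths")
```

Point `build_db` at a file path instead of `:memory:` and call it from a cron job on rotated logs to keep a persistent database; the `IF NOT EXISTS` schema makes repeated loads safe, though deduplicating re-read lines is left to the caller. The regex is deliberately strict about the field layout: a line that does not match is counted as rejected rather than partially loaded, so a log-injection attempt that breaks the format shows up as a rejection count instead of a poisoned row.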
OpenSIEM-Logstash-Parsing
- The Cargill SIEM team has published this new project with a collection of Logstash parser configs developed in-house for multiple technologies. Logstash parsers are usually scattered around in gists and repos, but this is a very comprehensive library in a single project!
- Logstash parsers for 100+ technologies
What are some alternatives?
octosql - OctoSQL is a query tool that allows you to join, analyse and transform data from multiple databases and file formats using SQL.
sigma - Main Sigma Rule Repository
tull - log teleporter
sexilog - SexiLog is a specific ELK virtual appliance designed for vSphere environment
WebTools.bundle - WebTools is a collection of tools for Plex Media Server, like the Unsupported AppStore (UAS)
israbrew - Beers from various suppliers across the state scraped onto one website
PurpleCloud - A little tool to play with Azure Identity - Azure Active Directory lab creation tool
pirsch - Pirsch is a drop-in, server-side, no-cookie, and privacy-focused analytics solution for Go.
RedELK - Red Team's SIEM - tool for Red Teams used for tracking and alarming about Blue Team activities as well as better usability in long term operations.
Presto - The official home of the Presto distributed SQL query engine for big data