#Log-analysis
Showing 44 of 44 repositories tagged #log-analysis, ranked by stars
Wazuh - The Open Source Security Platform. Unified XDR and SIEM protection for endpoints and cloud workloads.
Log file navigator
Free and open log management
App to easily query, script, and visualize data from every database, file, and API.
Nerdlog: fast, remote-first, multi-host TUI log viewer with timeline histogram and no central server
A machine learning toolkit for log-based anomaly detection [ISSRE'16]
TUI for viewing logs from journald, auditd, file system, Docker and Podman containers, Compose stacks and Kubernetes pods with support for log highlighting and several filtering modes.
Wazuh - Docker containers
LogAI - An open-source library for log analytics and intelligence
Windows应急响应工具---Hawkeye(鹰眼)。集Windows日志分析,进程扫描,主机信息于一体的综合应急响应分析工具
Enterprise-ready SIEM, SOAR and Compliance powered by real-time correlation and threat intelligence.
select * from logs; Tailpipe is an open source SIEM for instant log insights, powered by DuckDB. Analyze millions of events in seconds, right from your terminal.
Wazuh - Ruleset
Plugins for Wazuh Dashboard
Official Graylog Docker image
Wazuh - Ansible playbook
HoloInsight is a cloud-native observability platform with a special focus on real-time log analysis and AI integration.
Wazuh - Project documentation
Ansible role which installs and configures Graylog
DoctorGPT brings GPT into production for application log error diagnosing!
Machine learning algorithms applied on log analysis to detect intrusions and suspicious activities.
CLI utility and Python module for analyzing log files and other data.
Reduce logs to their semantic anomalies
Analyze huge log files (10GB+) instantly in your browser. Zero upload, 100% local processing. Features JSON prettifier, regex filtering, and bookmarks.
This tool parses log data and allows to define analysis pipelines for anomaly detection. It was designed to run the analysis with limited resources and lowest possible permissions to make it suitable for production server use.
Wazuh - RESTful API
🪓 High-Speed Log Analysis & Forensics Tool - Part of NullSec Toolkit
🐞 VS Code extension to debug tracing logs 🦀
g(ULP) core backend and plugins
Turn noisy command output into a short, actionable first pass for coding agents.
LogJoint log viewer core. Viewer plugins for publicly-available domains.
This repo shares blue team security notes and resources for detecting and preventing cyber attacks. Topics covered include email, file, log, malware, memory forensics, and packet analysis.
A curated list for SaaS (Software as a services)
An autonomous SRE agent that monitors cloud logs across multiple platforms, leveraging AI models from various providers to detect anomalies, perform root cause analysis, and automate remediation by creating GitHub Pull Requests.
This script enhances endpoint logging telemetry for the purpose of advanced malware threat detection or for building detections or malware analysis. This can be used in production, however you might want to tune the GPO edits as needed.
Accurately forecast log costs pre-production with Cortisol for Datadog, New Relic, Grafana and GCP Cloud Logging 💰📉
Multi-Agent Debugger: An AI-powered debugging system using CrewAI to orchestrate specialized agents that analyze logs, trace code, and uncover root causes across your stack — powered by LLM providers.
Terminal log analyzer built in Rust with instant filtering, structured field parsing, compressed file support, Docker/OTel streaming, and MCP integration.
Investigating attacks using Splunk Enterprise logs and creating SPL intrusion detection searches based on known attacker TTPs and anomaly behavior derived from statistical baselines
WinLog Insight, an offline Windows log analyzer, gathers system, security and application logs. Its 90 built-in rules spot brute force, abnormal privilege escalation and other threats. It provides visual risk panels, real-time alerts and one-click PDF/Excel audit reports, storing all logs locally.
Triage automation tool
This repository documents my hands on experience and assignments during the Columbia University Cybersecurity Program. It includes home labs related to network security, penetration testing, and defensive security
A curated collection of essential resources, tools, and references for Security Operations Center (SOC) analysts.
Time-aware Search and Storage System