Malcolm is a powerful, easily deployable network traffic analysis tool suite for full packet capture artifacts (PCAP files), Zeek logs and Suricata alerts.
Open source security data pipelines.
Suricata is a network intrusion detection system (IDS), intrusion prevention system (IPS) and network security monitoring (NSM) engine developed by the OISF and the Suricata community.
This Docker Compose configuration sets up an Elastic Stack environment, including Elasticsearch, Kibana, Logstash, Metricbeat, Filebeat, and Suricata, using the specified versions.
Cyber Defence Monitoring Course Suite :: Suricata, Arkime (and others in the past)
Web interface to explore Suricata EVE outputs
Assemblyline 4 network capture analysis service
OPNsense's Suricata IDS/IPS detection rules against Nmap scans
Repository for configuration files, scripts, code, and other information on the Watchtower Stack
Convert pcap files into richly-typed ZNG summary logs (Zeek, Suricata, and more)
Scirius is a web application for Suricata ruleset management and threat hunting.
Telegram bot that monitors Suricata logs and sends alerts based on filters
Ansible role that installs and configures Suricata
Suricata/Snort extension for VS Code