Suricata Analytics
Jupyter notebooks and Python tools for threat hunting and data exploration with Suricata network security data.
Overview
Suricata Analytics provides a collection of Jupyter notebooks and Python utilities designed for interactive analysis of Suricata network security data. It enables security analysts and threat hunters to explore, visualize, and investigate network traffic and security events captured by Suricata sensors through integration with Scirius security platforms.
Key Features
- Threat Hunting Notebooks — Pre-built Jupyter notebooks for interactive security investigation and anomaly detection.
- Data Exploration Tools — Python-based utilities for querying, filtering, and analyzing Suricata event logs.
- Scirius API Integration — Connectors to interact with Scirius, SELKS, and SSP manager REST APIs for centralized data access.
- Python Helper Library — A dedicated library (surianalytics) providing data connectors, widgets, and analysis helpers.
- Environment Configuration — Easy setup with environment variables for authentication and connection management.
Philosophy
The project emphasizes practical, interactive analysis workflows for security professionals, bridging raw Suricata data with actionable insights through reproducible notebooks and modular tools.
Related Projects
Found a gem we're missing?
Open-Awesome is built by the community, for the community. Submit a project, suggest an awesome list, or help improve the catalog on GitHub.
