Log Analysis

50 projects

Showing 36 of 50 projects

kibanaTypeScript

Open-source interface for querying, analyzing, visualizing, and managing Elasticsearch data.

#hacktoberfest#open-source#observability

An open-source unified XDR and SIEM platform for threat prevention, detection, and response across endpoints and cloud workloads.

#container-security#siem#malware-detection

An open-source, participative security engine that detects and blocks malicious IPs using crowdsourced threat intelligence.

#crowdsourced-security#waf#ids

Stars13.7k

Forks648

Last commit3 days ago

Sigma RulesPython

A generic and open signature format for describing log event detections, shareable across SIEM systems.

#signatures#yaml#siem

Stars10.5k

Forks2.6k

Last commit8 days ago

SigmaPython

A generic and open signature format for describing log event detections, shareable across SIEM systems.

#signatures#yaml#siem

Stars10.5k

Forks2.6k

Last commit8 days ago

Elastalert | YelpPython

A simple framework for alerting on anomalies, spikes, or other patterns in Elasticsearch data.

#devops#siem#observability

Stars8.0k

Forks1.7k

Last commit1 year ago

ElastalertPython

A flexible framework for alerting on anomalies, spikes, or patterns in Elasticsearch data.

#devops#real-time-alerts#monitoring

Stars8.0k

Forks1.7k

Last commit1 year ago

SerilogC#

A diagnostic logging library for .NET applications with first-class support for structured event data.

#observability#diagnostic-tools#message-templates

Stars8.0k

Forks855

Last commit28 days ago

OSSECC

Open Source Host-based Intrusion Detection System performing log analysis, file integrity checking, rootkit detection, and active response.

#real-time-alerting#siem#policy-monitoring

Stars5.0k

Forks1.1k

Last commit12 days ago

Hunting ELK (HELK)Jupyter Notebook

An open-source threat hunting platform with advanced analytics capabilities built on ELK stack, Apache Spark, and Jupyter notebooks.

#apache-spark#elk-stack#security-analytics

Stars3.9k

Forks690

Last commit2 years ago

claude-devtoolsTypeScript

A desktop app that reconstructs Claude Code's full execution trace from local session logs, showing every tool call, subagent, and token.

#ai#developer-tools#desktop-app

Stars3.5k

Forks268

Last commit26 days ago

Loghub

A large collection of real-world system log datasets for AI-driven log analytics research.

#logs#operating-systems#distributed-systems

Stars2.7k

Forks778

Last commit1 day ago

Windows Events Attack SamplesHTML

A collection of 200 Windows EVTX event log samples mapped to MITRE ATT&CK techniques for detection testing and threat hunting.

#digital-forensics#security-training#windows-security

A lightweight, single-binary tool for viewing and filtering terminal logs in a real-time web interface.

#devops#terminal-tools#logs

Stars2.2k

Forks71

Last commit9 months ago

PlasoPython

A Python-based engine for automatic creation of super timelines from computer system logs and files for digital forensic analysis.

#parsing#digital-forensics#timeline

Stars2.1k

Forks418

Last commit12 days ago

KQL Advanced Hunting Queries & Analytics RulesPython

A collection of ready-to-use KQL queries for threat hunting, detection, and analytics in Microsoft Defender for Endpoint and Azure Sentinel.

#azure-sentinel#security-analytics#vulnerability-management

A terminal user interface for viewing and filtering logs from journald, auditd, file systems, Docker, Podman, and Kubernetes with highlighting.

#terminal-application#syslog#gocui

Stars1.3k

Forks31

Last commit5 days ago

DebugViewPPC++

A Windows application for collecting, viewing, and filtering logs from various sources like OutputDebugString, files, sockets, and ADB.

#logfile#filter#adb

Stars1.3k

Forks174

Last commit1 month ago

USBRipPython

A command-line forensics tool for tracking USB device connection history on GNU/Linux systems.

#digital-forensics#command-line-tool#usb-events

Stars1.2k

Forks113

Last commit3 years ago

atopC

A full-screen ASCII performance monitor for Linux that logs system and process activity with detailed resource utilization.

#processor-utilization#gpu-monitoring#system-performance

Stars1.0k

Forks128

Last commit9 days ago

ZircolitePython

A standalone Python tool for applying SIGMA detection rules to EVTX, Auditd, Sysmon for Linux, and other log formats.

#sigma-rules#security#python3

Stars822

Forks114

Last commit9 days ago

ChipMunkRust

A high-performance desktop application for viewing and analyzing large log files and network traces, with support for automotive formats like DLT.

#search#desktop-application#dlt

Stars775

Forks42

Last commit3 days ago

sigRust

Interactive grep tool for real-time filtering of streaming data with archived mode for static files.

#stream-processing#terminal-utility#interactive

Stars751

Forks13

Last commit3 months ago

ULogViewerC#

A cross-platform universal log viewer built with .NET for reading, parsing, and analyzing various log formats.

#desktop-application#viewer-analysis#filter

Stars578

Forks49

Last commit1 day ago

Real Intelligence Threat Analysis (RITA)Go

An open-source framework for detecting command and control communication through network traffic analysis using Zeek logs.

#security-analytics#beacons#dns-tunneling

Stars573

Forks63

Last commit5 days ago

fblogRust

A small command-line tool to view and filter JSON log files with customizable formatting and Lua-based filtering.

#json-logs#viewer#devops

Stars561

Forks34

Last commit3 days ago

EveboxRust

A web-based GUI for viewing and managing Suricata EVE security events stored in Elasticsearch or SQLite.

#netsec#suricata#ids

Stars493

Forks78

Last commit5 days ago

Panther Labs Detection RulesPython

A collection of built-in detection rules and policies for Panther, a modern SIEM, enabling security monitoring as code.

#yaml#siem#detection-as-code

Stars452

Forks203

Last commit4 days ago

cloudwatch-logs-subscription-consumerJava

A specialized Amazon Kinesis stream reader that delivers CloudWatch Logs data to other systems like Elasticsearch and S3 in near real-time.

#cloudtrail#kinesis#infrastructure-monitoring

Stars399

Forks145

Last commit

Google Cloud Security AnalyticsPython

A community-driven collection of pre-built security analytics queries and rules for auditing and threat detection in Google Cloud.

#security-analytics#yara-l#log-analytics

A fast terminal-based tool for realtime text scanning, regex extraction, and visualization of logs and structured data.

#apache#regex-extraction#analyzer

Stars352

Forks16

Last commit4 months ago

Splunk ES Correlation Searches Best Practices | OpsTune

A collection of Splunk SPL queries and prototypes for threat hunting and detection engineering.

#security-analytics#siem#rules

Stars293

Forks46

Last commit2 years ago

nlessPython

A TUI pager for exploring and analyzing tabular data from logs, CSV, JSON, and streams with vi-like keybindings.

#terminal-pager#spreadsheet#streaming-data

Stars260

Forks6

Last commit1 month ago

lowchartsRust

A Rust tool for drawing low-resolution graphs directly in the terminal for quick data analysis from logs and text files.

#plot#terminal-graphics#bar-chart

Stars251

Forks5

Last commit5 months ago

json-log-viewerGo

An interactive terminal-based viewer for exploring and analyzing structured JSON logs.

#json-logs#go-application#viewer

Stars223

Forks13

Last commit6 days ago

LorgHTML

An advanced Apache logfile security analyzer for post-attack forensics, detecting web application attacks using multiple detection techniques.

#apache#web-security#security-analysis

Stars214

Forks47

Last commit7 years ago

Page 1 of 2

Related Tags

Community-curated · Updated weekly · 100% open source

Found a gem we're missing?

Open-Awesome is built by the community, for the community. Submit a project, suggest an awesome list, or help improve the catalog on GitHub.

Submit a project Star on GitHub