alisle/elleLog

MultiThreaded Syslog Server with Elastic Search Support written in Go
elleLog, Thoughts on SIEM

elleLog is an experimental proof-of-concept SIEM built to explore interesting aspects of SIEM design. It is designed to be multi-threaded and scalable.

It features an innovative plugin design, an ElasticSearch back-end and a built-in syslog server, as well as OSSIM sensor support.

Event Taxonomy discusses how the event taxonomy works.

Plugin Functions breaks down the functions which can be used within plugins.

Tags discusses the current standard set of tags which can be used within elleLog.

OSSIM shows how to set up the OSSIM agent to send events to elleLog.
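The receive side of a multi-threaded syslog server, as an added example that is not elleLog's own code. It parses the leading RFC 3164/5424 PRI field ("<N>") into facility and severity, rejects malformed or out-of-range PRI values instead of passing them downstream, strips ASCII control bytes from the message before it would be indexed, and fans lines out to a pool of worker goroutines. The names Event, parseSyslog, sanitize, ingest and sampleLines are this example's own; the sample lines are constructed for it (the first three follow the RFC sample messages, the rest are deliberately malformed).

```go
package main

import (
	"errors"
	"fmt"
	"strings"
	"sync"
	"sync/atomic"
)

// Event is this example's own minimal parsed form of a syslog line, not
// elleLog's event taxonomy.
type Event struct {
	Facility int    // PRI / 8, e.g. 4 = auth
	Severity int    // PRI % 8, e.g. 2 = critical
	Message  string // text after the PRI, control characters stripped
}

var errBadPRI = errors.New("syslog: malformed or out-of-range PRI")

// parseSyslog reads the leading PRI "<N>": 1-3 decimal digits, no leading
// zero, N <= 191 (facility 23, severity 7). Anything else is rejected so an
// unparseable line from an untrusted sender never reaches the index.
func parseSyslog(line string) (Event, error) {
	if len(line) < 3 || line[0] != '<' {
		return Event{}, errBadPRI
	}
	end := strings.IndexByte(line, '>')
	if end < 2 || end > 4 { // "<N>" .. "<NNN>"
		return Event{}, errBadPRI
	}
	digits := line[1:end]
	if len(digits) > 1 && digits[0] == '0' {
		return Event{}, errBadPRI
	}
	pri := 0
	for i := 0; i < len(digits); i++ {
		c := digits[i]
		if c < '0' || c > '9' {
			return Event{}, errBadPRI
		}
		pri = pri*10 + int(c-'0')
	}
	if pri > 191 {
		return Event{}, errBadPRI
	}
	return Event{Facility: pri / 8, Severity: pri % 8, Message: sanitize(line[end+1:])}, nil
}

// sanitize drops ASCII control bytes (including ESC), so terminal escape
// sequences in a hostile message cannot ride into dashboards or terminals.
func sanitize(s string) string {
	return strings.Map(func(r rune) rune {
		if r < 0x20 || r == 0x7f {
			return -1
		}
		return r
	}, s)
}

// ingest fans lines out to a pool of worker goroutines, the receive-side
// shape of a multi-threaded syslog server. It returns the parsed events
// (order not preserved) and the number of lines parseSyslog rejected.
func ingest(lines []string, workers int) ([]Event, int) {
	in, out := make(chan string), make(chan Event)
	var rejected int64
	var wg sync.WaitGroup
	for i := 0; i < workers; i++ {
		wg.Add(1)
		go func() {
			defer wg.Done()
			for line := range in {
				ev, err := parseSyslog(line)
				if err != nil {
					atomic.AddInt64(&rejected, 1)
					continue
				}
				out <- ev
			}
		}()
	}
	go func() {
		for _, l := range lines {
			in <- l
		}
		close(in)
		wg.Wait()
		close(out)
	}()
	var events []Event
	for ev := range out {
		events = append(events, ev)
	}
	return events, int(atomic.LoadInt64(&rejected))
}

// sampleLines are constructed for this example: three well-formed lines
// followed by five that a hardened receiver must reject.
var sampleLines = []string{
	"<34>Oct 11 22:14:15 mymachine su: 'su root' failed for lonvick on /dev/pts/8",
	"<13>Feb  5 17:32:18 10.0.0.99 Use the BFG!",
	"<165>1 2003-10-11T22:14:15.003Z mymachine.example.com evntslog - ID47 - 'su root' failed",
	"no PRI at all",
	"<999>facility/severity out of range",
	"<034>leading zero",
	"<>empty PRI",
	"<1a>non-digit PRI",
}

func main() {
	events, rejected := ingest(sampleLines, 4)
	for _, ev := range events {
		fmt.Printf("facility=%d severity=%d msg=%q\n", ev.Facility, ev.Severity, ev.Message)
	}
	fmt.Printf("accepted=%d rejected=%d\n", len(events), rejected)
}
```

Run with `go run .`; the three well-formed lines come back as facility/severity 4/2, 1/5 and 20/5 and the five malformed ones are counted as rejected. The caveat any syslog collector inherits: classic syslog over UDP carries no authentication, so the source address and the hostname inside the message are both attacker-controlled, and a SIEM that indexes them unvalidated can be fed fabricated events; strict PRI parsing and control-character stripping limit what a sender can do to the pipeline, but they do not establish who sent the line.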
