There are two projects that spawned to enhance the Sguil experience, first would be instantNSM that I have mentionned quite a few times, however there are still not many people knowing what instantNSM is and the existance of it even. Here I would like to emphasize again about this project, if you feel that Sguil is hard to deploy due to the problem of getting all the components working properly, that's the main reason why instantNSM is here to serve that purpose, easing the installation and configuration of sguil so that Sec Analyzt can start tinkering with sguil without much hassle going through deployment phase. Though it is linux centric however Hanashi promises to add supports for other OS platforms in future.
Squert - Simple Query and Report Tool for Sguil, aims to generate web base report via browser. It is useful when you don't have sguil client installed but only web browser, though this can give a quick overview and report to the admin of the sguil who don't have time to monitor the event in real time. I haven't have time to try Squert yet so not much comments about it, but I believe it should be useful and benefit Sguil users.
Here are the links of two projects that I have mentionned, feel free to give it a try.
Squert - Simple Query and Report Tool for Sguil, aims to generate web base report via browser. It is useful when you don't have sguil client installed but only web browser, though this can give a quick overview and report to the admin of the sguil who don't have time to monitor the event in real time. I haven't have time to try Squert yet so not much comments about it, but I believe it should be useful and benefit Sguil users.
Here are the links of two projects that I have mentionned, feel free to give it a try.
http://instantnsm.sourceforge.net/
http://squert.sourceforge.net/
Powered by Sguil the F8 Monkey (:])
No comments:
Post a Comment