Skip to content

/ streamalert

StreamAlert is a serverless, realtime data analysis framework which empowers you to ingest, analyze, and alert on data from any environment, using datasources and alerting logic you define.

streamalert.io
Apache-2.0 License
2.3k stars 293 forks
Star
Watch
master
6 branches 28 tags
Go to file
Code

Clone with HTTPS

Use Git or checkout with SVN using the web URL.

Latest commit

@ryandeivert
ryandeivert official release of v3.4.0 (#1292)
b7971a0 Aug 26, 2020
official release of v3.4.0 (#1292) 
* bumping version to 3.4.0

* updating to terraform v0.13.0 (#1290)

* updating terraform version to 0.13.0 and aws provider to 3.3.0

* misc updates to terraform code

* fixes

* updating for vpc flow logs

* patching out writing of vars in tests

* cloudtrail to cwl fix

* fix
b7971a0

Git stats

Files

Permalink
Failed to load latest commit information.
Type
Name
Latest commit message
Commit time
.github
 
 
conf
 
 
docs
 
 
matchers
 
 
publishers
 
 
rules
 
 
scheduled_queries
 
 
streamalert
 
 
streamalert_cli
 
 
tests
 
 
vagrant/cli
 
 
.gitignore
 
 
.pylintrc
 
 
AUTHORS.rst
 
 
LICENSE
 
 
README.rst
 
 
Vagrantfile
 
 
constraints.txt
 
 
manage.py
 
 
requirements-top-level.txt
 
 
requirements.txt
 
 
setup.cfg
 
 

README.rst

StreamAlert - Serverless, Realtime Data Analysis Framework

https://coveralls.io/repos/github/airbnb/streamalert/badge.svg?branch=master

StreamAlert

StreamAlert is a serverless, real-time data analysis framework which empowers you to ingest, analyze, and alert on data from any environment, using data sources and alerting logic you define. Computer security teams use StreamAlert to scan terabytes of log data every day for incident detection and response.

Features

  • Rules are written in Python; they can utilize any Python libraries or functions
  • Ingested logs and generated alerts can be retroactively searched for compliance and research
  • Serverless design is cheaper, easier to maintain, and scales to terabytes per day
  • Deployment is automated: simple, safe and repeatable for any AWS account
  • Secure by design: least-privilege execution, containerized analysis, and encrypted data storage
  • Merge similar alerts and automatically promote new rules if they are not too noisy
  • Built-in support for dozens of log types and schemas
  • Built-in collection of broadly applicable community rules
  • Fully open source and customizable: add your own log schemas, rules, and alert outputs

Ready? Let's get started!

Resources

About

StreamAlert is a serverless, realtime data analysis framework which empowers you to ingest, analyze, and alert on data from any environment, using datasources and alerting logic you define.

streamalert.io

Topics

security kinesis serverless terraform lambda aws rules analysis

Resources

Readme

License

Apache-2.0 License

Releases 28

v3.4.0 Latest
Aug 26, 2020
+ 27 releases

Packages

No packages published

Contributors 27

+ 16 contributors

Languages

You can’t perform that action at this time.