beave/sagan-rules
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
master
Could not load branches
Nothing to show
Could not load tags
Nothing to show
{{ refName }}
default
Name already in use
A tag already exists with the provided branch name. Many Git commands accept both tag and branch names, so creating this branch may cause unexpected behavior. Are you sure you want to create this branch?
Code
-
Clone
Use Git or checkout with SVN using the web URL.
Work fast with our official CLI. Learn more.
- Open with GitHub Desktop
- Download ZIP
Sign In Required
Please sign in to use Codespaces.
Launching GitHub Desktop
If nothing happens, download GitHub Desktop and try again.
Launching GitHub Desktop
If nothing happens, download GitHub Desktop and try again.
Launching Xcode
If nothing happens, download Xcode and try again.
Launching Visual Studio Code
Your codespace will open once ready.
There was a problem preparing your codespace, please try again.
Latest commit
Git stats
Files
Failed to load latest commit information.
Type
Name
Latest commit message
Commit time
** README ** This repo has MOVED. The new location is https://github.com/quadrantsec/sagan-rules Welcome to the "Sagan Rules" README file ---------------------------------------- This is the Git repository for the Sagan engine rule sets. You probably won't find these useful unless you're actually using Sagan! For more information, check out the Sagan main web site at: http://sagan.quadrantsec.com Github related site: http://github.com/beave/sagan What is Sagan? -------------- Sagan is an open source (GNU/GPLv2) high performance, real-time log analysis & correlation engine. It is written in C and uses a multi-threaded architecture to deliver high performance log & event analysis. The Sagan structure and Sagan rules work similarly to the Sourcefire "Snort" IDS engine. This was intentionally done to maintain compatibility with rule management software (oinkmaster/pulledpork/etc) and allows Sagan to correlate log events with your Snort IDS/IPS system. Since Sagan can write to Snort IDS/IPS databases via unified2/barnyard2, it is compatible with all Snort "consoles". For example, Sagan is compatible with Snorby [http://www.snorby.org], Sguil [http://sguil.sourceforge.net], BASE, and the Prelude IDS framework! (to name a few). Sagan supports many different output formats, log normalization (via liblognorm), script execution on event and automatic firewall support via "Snortsam" (see http://www.snortsam.net). For more information, please visit the Sagan web site: http://sagan.quadrantsec.com.
About
Rule sets for Sagan
Resources
Stars
Watchers
Forks
Releases
No releases published
Packages 0
No packages published
