Cyber Security: SELKS: Difference between revisions
From OnnoCenterWiki
Revision as of 21:08, 15 July 2023
SELKS is a free, open-source, turn-key Suricata network intrusion detection/prevention system (IDS/IPS), network security monitoring (NSM) and threat hunting implementation created and maintained by Stamus Networks.
Released under the GPL-3.0-or-later license, SELKS is available either as a live, installable Debian-based ISO or via Docker Compose on any Linux operating system.
SELKS comprises the following major components:
- Suricata - Ready to use Suricata
- Elasticsearch - Search engine
- Logstash - Log injection
- Kibana - Custom dashboards and event exploration
- Stamus Community Edition (CE) - Suricata ruleset management and Suricata threat hunting interface
In addition, SELKS now includes Arkime, EveBox and CyberChef.