Difference between revisions of "Cyber Security: SELKS"
Onnowpurbo (talk | contribs) (Created page with "SELKS is a free, open-source, and turn-key Suricata network intrusion detection/protection system (IDS/IPS), network security monitoring (NSM) and threat hunting implementatio...")
Onnowpurbo (talk | contribs)
Revision as of 04:08, 16 July 2023
SELKS is a free, open-source, turn-key Suricata network intrusion detection/prevention system (IDS/IPS), network security monitoring (NSM) and threat hunting platform created and maintained by Stamus Networks.
Released under the GPL-3.0-or-later license, it is available either as a live and installable Debian-based ISO or via Docker Compose on any Linux host.
SELKS consists of the following major components, named by its initials:
- Suricata - the IDS/IPS engine, preconfigured and ready to run
- Elasticsearch - search engine and event store
- Logstash - log ingestion (ships Suricata's EVE JSON output into Elasticsearch)
- Kibana - custom dashboards and event exploration
- Stamus Community Edition (CE) - Suricata ruleset management and threat hunting interface
In addition, SELKS now includes Arkime (full packet capture and session search), EveBox (a Suricata alert and event viewer) and CyberChef (data decoding and transformation).
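The data flowing through that pipeline is Suricata's EVE JSON output: one JSON object per line, which Logstash ingests into Elasticsearch and Kibana, EveBox and Stamus CE query. The following is an added example, not code from SELKS or Stamus Networks, that reads a few constructed EVE lines (sample data, constructed here, using local rule sids 1000001 and 1000002 that are not real ruleset entries) and runs the kind of queries a hunter would otherwise issue in Kibana or EveBox: hit counts per signature and severity, correlation of each alert with the protocol records that share its flow_id, and the set of hosts triggering one rule. It also skips malformed lines, since a truncated write in eve.json must not stall ingestion.

```python
"""Stand-in for the SELKS ingest path: parse Suricata EVE JSON and hunt over it.
Added example; the sample events and rule sids below are constructed, not captured."""
import json
from collections import Counter, defaultdict

# Constructed EVE NDJSON: dns, two alerts on flow 2/3, their http/flow context,
# one corrupt line, and a second host hitting the same rule on flow 4.
SAMPLE_EVE = """\
{"timestamp":"2023-07-16T04:00:01.000000+0000","flow_id":1,"event_type":"dns","src_ip":"10.0.0.5","dest_ip":"10.0.0.53","proto":"UDP","dns":{"type":"query","rrname":"example.test","rrtype":"A"}}
{"timestamp":"2023-07-16T04:00:02.000000+0000","flow_id":2,"event_type":"alert","src_ip":"10.0.0.5","dest_ip":"203.0.113.9","proto":"TCP","dest_port":80,"alert":{"signature_id":1000001,"rev":1,"signature":"LOCAL Plaintext HTTP to external host","category":"Potentially Bad Traffic","severity":2}}
{"timestamp":"2023-07-16T04:00:03.000000+0000","flow_id":2,"event_type":"http","src_ip":"10.0.0.5","dest_ip":"203.0.113.9","proto":"TCP","http":{"hostname":"203.0.113.9","url":"/","http_method":"GET","status":200}}
{"timestamp":"2023-07-16T04:00:04.000000+0000","flow_id":3,"event_type":"alert","src_ip":"10.0.0.7","dest_ip":"198.51.100.4","proto":"TCP","dest_port":4444,"alert":{"signature_id":1000002,"rev":1,"signature":"LOCAL Outbound connection to 4444","category":"A Network Trojan was detected","severity":1}}
{"timestamp":"2023-07-16T04:00:05.000000+0000","flow_id":3,"event_type":"flow","src_ip":"10.0.0.7","dest_ip":"198.51.100.4","proto":"TCP","dest_port":4444,"flow":{"pkts_toserver":12,"pkts_toclient":10,"bytes_toserver":1400,"bytes_toclient":900}}
this line is not json and must be skipped
{"timestamp":"2023-07-16T04:00:06.000000+0000","flow_id":4,"event_type":"alert","src_ip":"10.0.0.9","dest_ip":"198.51.100.4","proto":"TCP","dest_port":4444,"alert":{"signature_id":1000002,"rev":1,"signature":"LOCAL Outbound connection to 4444","category":"A Network Trojan was detected","severity":1}}
"""


def parse_eve(text):
    """Parse EVE NDJSON. Lines that are not a JSON object with event_type are
    dropped so one corrupt record does not abort the whole batch."""
    events = []
    for line in text.splitlines():
        line = line.strip()
        if not line:
            continue
        try:
            obj = json.loads(line)
        except json.JSONDecodeError:
            continue
        if isinstance(obj, dict) and "event_type" in obj:
            events.append(obj)
    return events


def alerts(events):
    """Only the alert records; everything else is protocol/flow context."""
    return [e for e in events if e.get("event_type") == "alert"]


def count_by_signature(events):
    """(sid, signature) -> hit count, the view a ruleset manager shows first."""
    counts = Counter()
    for a in alerts(events):
        counts[(a["alert"]["signature_id"], a["alert"]["signature"])] += 1
    return counts


def count_by_severity(events):
    """Severity 1 is the most critical in Suricata rules."""
    return Counter(a["alert"]["severity"] for a in alerts(events))


def correlate_by_flow(events):
    """For each alert, collect the non-alert records sharing its flow_id:
    the http/dns/flow context a hunter pivots to from the alert."""
    context = defaultdict(list)
    for e in events:
        if e.get("event_type") != "alert" and "flow_id" in e:
            context[e["flow_id"]].append(e)
    return {a["flow_id"]: {"alert": a, "context": context.get(a["flow_id"], [])}
            for a in alerts(events)}


def hosts_hitting(events, signature_id):
    """Distinct source hosts that triggered one sid: the scoping question
    'how many machines are affected?'"""
    return sorted({a["src_ip"] for a in alerts(events)
                   if a["alert"]["signature_id"] == signature_id})


if __name__ == "__main__":
    evs = parse_eve(SAMPLE_EVE)
    print(f"{len(evs)} events parsed (corrupt line skipped)")
    for (sid, sig), n in count_by_signature(evs).most_common():
        print(f"sid {sid}: {n} hit(s)  {sig}")
    print("by severity:", dict(count_by_severity(evs)))
    for fid, bundle in correlate_by_flow(evs).items():
        ctx = [c["event_type"] for c in bundle["context"]]
        print(f"flow {fid}: {bundle['alert']['alert']['signature']} context={ctx}")
    print("hosts hitting sid 1000002:", hosts_hitting(evs, 1000002))
```

Pointing parse_eve at a real /var/log/suricata/eve.json from a SELKS sensor gives the same summaries outside the stack, which is handy for checking that what Kibana shows matches what Suricata actually wrote.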