
Sagan - Log/IDS/IPS event correlation [SEIM]


Howdy all,

I've been working on a project for a while called "Sagan". Basically, Sagan is a correlation engine that can take Intrusion Detection/Prevention and log (syslog/snmptrap) information and correlate it down into one console. I was asked to give a presentation at the Jacksonville, Florida Northeast Florida ISSA. The below is a link to the video of that presentation, as well as documentation (PDF of the presentation, etc). It basically goes over the ideas and methodologies we used to write Sagan, and future support we plan on adding in. The link is at:

Please check it out if you're interested in this type of thing. Sagan is completely open source (GNU/GPL v2). Thanks!

