Sagan is billed as the advanced Suricata/Snort like log analysis engine.
It uses a multi-threaded architecture to deliver high performance log & event analysis. Sagan’s structure and rules work similarly to the Snort or Suricata IDS/IPS engines. It maintains compatibility with rule management software (oinkmaster/pulledpork/etc) and allows Sagan to correlate log events with your Snort/Suricata IDS/IPS system.
Sagan is free and open source software.
Features include:
- Automate log management:
- Supports many different output formats.
- Log normalization.
- Script execution on event detection.
- GeoIP detection/alerting.
- Multi-line log support.
- Time sensitive alerting.
- Multi-threaded architecture allows it to use all CPUs / cores for real-time log processing.
- CPU and memory resources are lightweight.
- Built in JSON parsing.
- Similar rule syntax to Cisco’s “Snort” which allows for easy rule management and correlation with Snort or Suricata IDS / IPS systems.
- Store alert data in Cisco’s “Snort” native “unified2” binary data format or Suricata’s JSON format for easier log-to-packet correlation.
- Intra-Process communications between Sagan processes to share data. Sagan can also use Redis (beta) to share data between Sagan instances within a network.
- Compatible with popular graphical-base security consoles like Snorby, BASE, Sguil, and EveBox.
Website: github.com/quadrantsec/sagan
Support:
Developer: Quadrant Information Security
License: GNU General Public License v2.0
Sagan is written in C. Learn C with our recommended free books and free tutorials.
Return to Network Intrusion Detection Systems | Return to Host-Based Intrusion Detection Systems
| Popular series | |
|---|---|
 | The largest compilation of the best free and open source software in the universe. Each article is supplied with a legendary ratings chart helping you to make informed decisions. |
 | Hundreds of in-depth reviews offering our unbiased and expert opinion on software. We offer helpful and impartial information. |
 | Replace proprietary software with open source alternatives: Google, Microsoft, Apple, Adobe, IBM, Autodesk, Oracle, Atlassian, Corel, Cisco, Intuit, and SAS. |
 | Awesome Free Linux Games Tools showcases a series of tools that making gaming on Linux a more pleasurable experience. This is a new series. |
 | Machine Learning explores practical applications of machine learning and deep learning from a Linux perspective. We've written reviews of more than 40 self-hosted apps. All are free and open source. |
 | New to Linux? Read our Linux for Starters series. We start right at the basics and teach you everything you need to know to get started with Linux. |
 | Alternatives to popular CLI tools showcases essential tools that are modern replacements for core Linux utilities. |
 | Essential Linux system tools focuses on small, indispensable utilities, useful for system administrators as well as regular users. |
 | Linux utilities to maximise your productivity. Small, indispensable tools, useful for anyone running a Linux machine. |
 | Surveys popular streaming services from a Linux perspective: Amazon Music Unlimited, Myuzi, Spotify, Deezer, Tidal. |
 | Saving Money with Linux looks at how you can reduce your energy bills running Linux. |
 | Home computers became commonplace in the 1980s. Emulate home computers including the Commodore 64, Amiga, Atari ST, ZX81, Amstrad CPC, and ZX Spectrum. |
 | Now and Then examines how promising open source software fared over the years. It can be a bumpy ride. |
 | Linux at Home looks at a range of home activities where Linux can play its part, making the most of our time at home, keeping active and engaged. |
 | Linux Candy reveals the lighter side of Linux. Have some fun and escape from the daily drudgery. |
 | Getting Started with Docker helps you master Docker, a set of platform as a service products that delivers software in packages called containers. |
 | Best Free Android Apps. We showcase free Android apps that are definitely worth downloading. There's a strict eligibility criteria for inclusion in this series. |
 | These best free books accelerate your learning of every programming language. Learn a new language today! |
 | These free tutorials offer the perfect tonic to our free programming books series. |
 | Linux Around The World showcases usergroups that are relevant to Linux enthusiasts. Great ways to meet up with fellow enthusiasts. |
 | Stars and Stripes is an occasional series looking at the impact of Linux in the USA. |