.svg){kind=icon}
An 'Observe and Report Buddy' for your SRE toolbox.
Green Orb is a lightweight monitoring tool that enhances your application's reliability by observing its console output for specific patterns and executing predefined actions in response. Designed to integrate seamlessly, it's deployed as a single executable binary that runs your application as a subprocess, where it can monitor all console output, making it particularly useful in containerized environments. Green Orb acts as a proactive assistant, handling essential monitoring tasks and enabling SREs to automate responses to critical system events effectively.
Threat Detection & Incident Response Done Right.
SIEM, Log Management & API Protection.
Graylog is a free and open log management platform.
kubernetes log viewer.
Kubernetes tail. Streams logs from all containers of all matched pods. Match pods by service, replicaset, deployment, and others. Adjusts to a changing cluster - pods are added and removed from logging as they fall in or out of the selection.
Zircolite is a standalone tool written in Python 3. It allows to use SIGMA rules on : MS Windows EVTX (EVTX, XML and JSONL format), Auditd logs, Sysmon for Linux and EVTXtract logs.
Low Code log management solution
FlowG is a log management platform that lets you ingest, transform, and query logs using a visual pipeline builder. It handles structured logs without requiring predefined schemas and relies on BadgerDB as its storage backend.
Like Prometheus, but for logs.
Grafana Loki is a set of open source components that can be composed into a fully featured logging stack. A small index and highly compressed chunks simplifies the operation and significantly lowers the cost of Loki.
Loki is a horizontally-scalable, highly-available, multi-tenant log aggregation system inspired by Prometheus. It is designed to be very cost effective and easy to operate. It does not index the contents of the logs, but rather a set of labels for each log stream.
Affordable full-stack production debugging & monitoring. Resolve Production Issues, Fast.
An Open Source Observability Platform: Unify Session Replays, Logs, Traces, Metrics and Errors – All Without the Datadog Price Tag.
Resolve production issues, fast. An open source observability platform unifying session replays, logs, metrics, traces and errors powered by Clickhouse and OpenTelemetry.
Request analytics from the nginx access logs.
ngtop is a command-line program to query request counts from nginx's access.log files.
The Logfile Navigator, lnav for short, is an advanced log file viewer for the small-scale.
A log file viewer for the terminal. Merge, tail, search, filter, and query log files with ease. No server. No setup. Still featureful.
Logdy a web viewer for logs. Supercharge terminal logs with web browser UI and low-code. Save 90% of time searching and browsing logs.
Web based real-time log viewer. Stream ANY content to a web UI with autogenerated filters. Parse any format with TypeScript.
A lightweight, open-source, and secure log viewer for Docker.
Dozzle is a small lightweight application with a web based interface to monitor Docker logs. It doesn’t store any log files. It is for live monitoring of your container logs only.
Uncomplicated Observability for Python and beyond! 🪵🔥 .
Logfire is an observability platform built on the same belief as our open source library — that the most powerful tools can be easy to use.
Real-time, high-performance reading of log files and writing to clickhouse.
This tool can write the monolog standard log directly to clickhouse in real time via the tcp protocol. If you can write regular rules, other standardized log can also support it.
A terminal application to view, tail, merge, and search log files (plus JSONL).
🌀 A log file highlighter.
tailspin works by reading through a log file line by line, running a series of regexes against each line. The regexes recognize patterns you expect to find in a logfile, like dates, numbers, severity keywords and more.
tailspin does not make any assumptions on the format or position of the items it wants to highlight. For this reason, it requires no configuration and the highlighting will work consistently across different logfiles.
the missing audit log library. auditor's purpose is to provide an easy and standardized way to collect and persists audit logs.
FalconHound is a blue team multi-tool. It allows you to utilize and enhance the power of BloodHound in a more automated fashion. It is designed to be used in conjunction with a SIEM or other log aggregation tool.
Velociraptor is an advanced digital forensic and incident response tool that enhances your visibility into your endpoints.
Velociraptor is a tool for collecting host based state information using The Velociraptor Query Language (VQL) queries.
Rapidly Search and Hunt through Windows Forensic Artefacts.
Chainsaw provides a powerful ‘first-response’ capability to quickly identify threats within Windows forensic artefacts such as Event Logs and MFTs. Chainsaw offers a generic and fast method of searching through event logs for keywords, and by identifying threats using built-in support for Sigma detection rules, and via custom Chainsaw detection rules.
Open Source Observability Platform for Logs, Metrics, Traces, and More – Your Ultimate Dashboard for Alerts and Insights.
OpenObserve is a cloud native observability platform built specifically for logs, metrics, traces and analytics designed to work at petabyte scale.