Splunk alternatives

Forensic software discussion (commercial and open source/freeware). Strictly no advertising.

Beleka
Member
 

Re: Splunk alternatives

Posted: Sep 13, 18 12:22

Hello, there isn't any real alternative to Splunk. I have been working with it and it is just magic; the app support behind it makes it an even greater and more powerful tool. But if you want an open source alternative, I would choose the ELK Stack. It is a SIEM with a similar architecture to Splunk.

www.elastic.co/elk-stack

You can use it with the plaso framework to feed the SIEM with a timeline and analyze it from the SIEM, creating your own indexing of the data. It can turn your PC into a powerful workstation for timeline forensics. Anyway, you have a free 500MB indexing license in Splunk; maybe it fits your needs.


I hope I helped you. Regards,

Sergio.  
 
  

Hunter
Member
 

Re: Splunk alternatives

Posted: Aug 12, 19 20:04

 
