Supriya Ghosh (Editor)

Sagan (software)

Original author(s)  Champ Clark III
Written in  C
Development status  Active
Operating system  Unix-like
Developer(s)  Quadrant Information Security
Stable release  1.1.6-r1 / 20 March 2017; 7 days ago (2017-03-20)

Sagan is an open source (GNU/GPLv2), multi-threaded, high-performance, real-time log analysis & correlation engine developed by Quadrant Information Security that runs on Unix operating systems. It is written in C and uses a multi-threaded architecture to deliver high-performance log & event analysis. Sagan's structure and rules work similarly to the Sourcefire Snort IDS/IPS engine. This makes Sagan compatible with Snort rule management software and gives it the ability to correlate with Snort IDS/IPS data. Sagan can record events in the Snort "unified2" output format, which makes it compatible with user interfaces such as Snorby, Sguil, BASE and proprietary consoles.

Sagan supports different output formats for reporting and analysis, log normalization, script execution on event detection, automatic firewall support via "Snortsam", GeoIP detection/alerting, multi-line log support, and time-sensitive alerting.

References

Sagan (software) Wikipedia

