Skip to content

Artemis-solomon/SentinelGuard

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

36 Commits
app
app
 
 
docs
docs
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 

Repository files navigation

SentinelGuard: Log Analysis Tool

SentinelGuard is a powerful log analysis tool designed to enhance security measures by analyzing log files from various sources, such as web servers and firewalls. The tool identifies potential security incidents through log correlation and anomaly detection, providing proactive insights for threat mitigation.

Features

  • Log File Integration: Support for multiple log file formats, ensuring compatibility with various sources.

  • Log Parsing and Normalization: Parse and normalize log entries to create a standardized representation.

  • Log Correlation: Correlate log entries from different sources to provide a comprehensive view of activities.

  • Anomaly Detection: Implement machine learning algorithms for anomaly detection.

  • Alerting Mechanism: Real-time alerting for identified security incidents with customizable thresholds.

  • User-Friendly Dashboard: Intuitive and interactive dashboard for visualizing log data.

  • Search and Query Interface: Robust search functionality and a query interface for advanced analysis.

  • Historical Analysis: Retention of historical log data for trend analysis and reporting.

Getting Started

Prerequisites

  • Python 3.6 or higher
  • MongoDB (if using database storage)

Installation

  1. Clone the repository:

    git clone https://github.com/yourusername/SentinelGuard.git

  2. Navigate to the project directory:

    cd SentinelGuard

  3. Install the required dependencies:

    pip install -r requirements.txt

Configuration

Modify the config/config.yaml file to set up the necessary configurations, including the path to your log file, anomaly detection threshold, and any database or web server settings.

# /config/config.yaml

log_file_path: "path/to/your/logfile.log"
anomaly_threshold: 0.8
# Add other configurations as needed

Usage

Run the main application using the following command:

python app/main.py

The tool will continuously analyze log data and provide insights based on your configurations.

Testing

To run the tests, use the following commands:

# Run all tests
python -m unittest discover tests

# Run a specific test file
python -m unittest tests.test_log_parser

Contributing

Contributions are welcome! If you find any issues or have suggestions for improvements, please open an issue or create a pull request.

License

This project is licensed under the MIT License.

Acknowledgments

  • The development of SentinelGuard was inspired by the need for a comprehensive log analysis tool.
  • Special thanks to the open-source community for providing essential libraries and frameworks.

About

SentinelGuard is a robust Log Analysis Tool.

Topics

hashing log-analysis monitoring data-visualization python3 cybersecurity anomaly security-incidents red-team forensic-analysis data-integrity anomaly-detection log-parsing blue-team log-correlation forensics-tools

Resources

Readme

License

MIT license
Activity

Stars

1 star

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages