Red Team's SIEM - tool for Red Teams used for tracking and alarming about Blue Team activities as well as better usability in long term operations.
Check the wiki for info on usage, or one of the blog posts or presentations listed below:
Check the wiki for the manual installation guide. There are also Ansible playbooks maintained by others:
Here's a conceptual overview of how RedELK works.
This project is developed and maintained by:
We welcome contributions! Contributions can be both in code, as well as in ideas you might have for further development, alarms, usability improvements, etc.