Dynamite Analytics

dynamite-nsm

DynamiteNSM is a free Network Security Monitor developed by Dynamite Analytics to enable network visibility and advanced cyber threat detection

publish-community_id

Add community_id to all Zeek logs that contain a UID

configurations

dynamite-sdk-lite

Dynamite SDK is the companion software development kit to Dynamite NSM

elastiflow

Network flow Monitoring (Netflow, sFlow and IPFIX) with the Elastic Stack

kmeans_suspicious_http_detector

This detector attempts to identify potentially suspicious HTTP traffic, and then cluster detections into related groups based on common behaviors.

synesis_lite_suricata

Suricata IDS/IPS log analytics using the Elastic Stack.

bpf-validate

A simple command line utility for validating a PCAP filter string (BPF)

kibana_packages

Package visualizations, dashboards, and saved searches into an installable package compatible with any Dynamite stack.

utilities

zeek-utils

General purpose scripts for Zeek.

dynamite-community-id

Zeek support for "community ID" flow hashing.

dynamite-simple-agent-process-manager-plugin

Simple process manager is a very basic manager for controlling various agent components: Zeek, Suricata, and FileBeat.

dynamite_daemon_core

Common packages used by the Dynamite daemon

dynamited_pub

The NSM version of dynamited

gaussian_anomaly_detector

A collection of anomaly detectors integrated with the dynamite_analyzer_framework.

knn_anomaly_detector

knn_anomaly_detector

netbase

Netbase, short for Network Baseliner is a Zeek framework for making and recording quantitative observations about network device activity.

zeek-af_packet-plugin

Plugin providing native AF_Packet support for Zeek (formerly known as Bro).

zeek-packages

Zeek package source