Source: sagan
Section: admin
Priority: extra
Maintainer: Pierre Chifflier <pollux@debian.org>
Build-Depends: debhelper (>= 10),
 dh-autoreconf,
 pkg-config,
 libpcre3-dev,
 libesmtp-dev,
 libpcap-dev,
 default-libmysqlclient-dev,
 libpq-dev,
 libprelude-dev,
 liblognorm-dev,
 libee-dev
Standards-Version: 3.9.8
Homepage: https://quadrantsec.com/sagan_log_analysis_engine/
#Vcs-Git: git://git.debian.org/collab-maint/sagan.git
#Vcs-Browser: http://git.debian.org/?p=collab-maint/sagan.git;a=summary

Package: sagan
Architecture: any
Depends: ${shlibs:Depends}, ${misc:Depends}, adduser, sagan-rules,
 lsb-base (>=3.0-6)
Description: Real-time System & Event Log Monitoring System
 Sagan is a multi-threaded, real time system- and event-log monitoring
 system, but with a twist. Sagan uses a “Snort” like rule set for
 detecting malicious events happening on your network and/or computer
 systems.
 .
 If Sagan detects a potentially bad event, it can store that event to a
 Snort database (MySQL/PostgreSQL), send it to a SIEM tool like Prelude,
 or send an email.
 .
 Sagan is meant to be used in a ‘centralized’ logging environment, but
 will work fine as part of a standalone Host IDS system for workstations.