Brostash

Brostash is a Linux distribution based on Debian that focuses on collecting network security events. It comes with the following extra packages/tools:

  • Zeek (Bro) IDS (version: 2.6.1): compiled with PF_RING support.

  • PF_RING (version: 7.2.0): to speed up the packet processing.

  • Filebeat (version: 6.6): for log shipping.

  • Packetbeat (version: 6.6): for network data shipping. A lightweight, optional replacement for Bro.

To deploy brostash on a Raspberry Pi, or to build an Elastic cluster to store the generated logs, see the Ansible playbooks in brostash-devops. The brostash-pipeline repository also provides a collection of Logstash filters for different types of Bro logs.
