brostash: Linux distribution based on Debian and focusing on network security events collection

Brostash

A Linux distribution based on Debian and focused on collecting network security events. It ships with the following extra packages and tools:

  • Zeek (Bro) IDS (version: 2.6.1): compiled with PF_RING support.

  • PF_RING (version: 7.2.0): to speed up the packet processing.

  • Filebeat (version: 6.6): for log shipping.

  • Packetbeat (version: 6.6): for network data shipping. An optional lightweight replacement for Bro.

To deploy brostash on a Raspberry Pi or build an Elastic cluster to store the generated logs, check the Ansible playbooks in brostash-devops. The brostash-pipeline repository also provides a collection of Logstash filters for different types of Bro logs.
