Skip to content
Open Source SIEM (Security Information and Event Management system).
Branch: master
Clone or download
Latest commit 0fc28ec Mar 18, 2019

README.md

LogESP

LogESP (c) 2018 Dan Persons | MIT License

Index

Asset Management Documentation

Risk Management Documentation

SIEM Documentation

Introduction

LogESP is a SIEM (Security Information and Event Management system) written in Python Django. It features a web frontend, and handles log management and forensics, risk management, and asset management.

Design Principles

Security

LogESP was designed and built as a security application, and minimalism can be good for security.

  • LogESP is built on the Python Django framework.
  • LogESP does not require credentials, or installation of its software, on log sources. Event forwarding is left entirely up to syslog daemons.
  • The LogESP web interface uses no client-side scripting.

NIST guidelines

The LogESP risk management system is based on NIST risk assessment guidelines, and the SIEM and forensics apps are designed to support the NIST incident response and forensics guidelines.

Simplicity

LogESP embraces the Unix design philosophy. It is designed to be as simple as possible, in order to be easy to understand, use, maintain, and extend.

Applications

LogESP includes a few different applications:

  • SIEM - Security Information and Event Management
  • Assets - Asset Management
  • Risk - Risk Management
You can’t perform that action at this time.