github

brimsec / brim

  • четверг, 9 апреля 2020 г. в 00:31:40
https://github.com/brimsec/brim

JavaScript
Desktop application to efficiently search large packet captures and Zeek logs.



Brim CI

Brim

Brim is an open source desktop application for security and network specialists. Brim makes it easy to search and analyze data from:

  • packet captures, like those created by Wireshark, and
  • structured logs, especially from the Zeek network analysis framework.

Brim is especially useful to security and network operators that need to handle large packet captures, especially those that are cumbersome for Wireshark, tshark, or other packet analyzers.

Brim and Wireshark large pcap file comparison

Brim is built from open source components, including:

  • zq, a structured log query engine;
  • Electron and React for multi-platform UI;
  • Zeek, to generate network analysis data from packet capture files.

Installing Brim

The easiest way to install Brim is to download the installation package for your platform from the latest release.

Development and contributing

We'd love your help! Please see the contributing guide for development information like building and testing Brim.

Join the Community

Join our Public Slack workspace for announcements, Q&A, and to trade tips!