LogESP

LogESP is a SIEM (Security Information and Event Management system) written in Python Django. It features a web frontend and handles log management and forensics, risk management, and asset management.

Design Principles

Security

LogESP was designed and built as a security application, and minimalism can be good for security.

• LogESP is built on the Python Django framework.
• LogESP does not require credentials, or installation of its software, on log sources. Event forwarding is left entirely up to syslog daemons.
• The LogESP web interface uses no client-side scripting.

NIST guidelines

The LogESP risk management system is based on NIST risk assessment guidelines, and the SIEM and forensics apps are designed to support the NIST incident response and forensics guidelines.

Simplicity

LogESP embraces the Unix design philosophy. It is designed to be as simple as possible, in order to be easy to understand, use, maintain, and extend.

Applications

LogESP includes a few different applications:

• SIEM – Security Information and Event Management
• Assets – Asset Management
• Risk – Risk Management

Install && Use

Copyright (c) 2017 Dan Persons (dpersonsdev@gmail.com)