Home

Welcome to the S1EM wiki!

Today, cyber attacks are more numerous and cause damage in companies. Nevertheless, many software products exist to detect cyber threats. The S1EM solution is based on the principle of bringing together the best products in their field, free of charge, and making them quickly interoperable.

S1EM is a SIEM with SIRP and Threat Intel, a full packet capture, all in one.

Inside the solution:

• Cluster Elasticsearch
• Kibana
• Filebeat
• Logstash
• Metricbeat
• Auditbeat
• Heartbeat
• N8n
• Zircolite
• Velociraptor
• Syslog-ng
• Elastalert
• TheHive
• Cortex
• MISP
• OpenCTI
• Arkime
• Suricata
• Zeek
• Mwdb
• Homer
• Traefik
• Watchtower

Guides

• Installation Guide
• Access Guide
• Configuration Guide
• Upgrade guide
• Detection Guide
• Incident Response Guide
• Threat Intel Guide
• Agent Guide
• Architecture Guide
• Troubleshooting Guide
• Screenshot of S1EM