LDSI is a SIEM (Security Information and Event Management system) written in Python with Django. It features a web frontend, and handles log management and forensics, risk management, and asset management.
LDSI was designed and built as a security application, and minimalism can be good for security.
+ LDSI does not require credentials, or installation of its software, on log sources. Event forwarding is left entirely up to syslog daemons.
+ LDSI uses no client-side scripting.
* NIST guidelines
The LDSI risk management system is based on NIST risk assessment guidelines, and the SIEM and forensics apps are designed to support the NIST incident response and forensics guidelines.
LDSI embraces the Unix design philosophy. It is designed to be as simple as possible, in order to be easy to understand, use, maintain, and extend.
LDSI includes a few different applications:
– SIEM – Security Information and Event Management
– Assets – Asset Management
– Risk – Risk Management
Use and Download:
sudo apt install build-essential python3-dev python3-venv libmysqlclient-dev mariadb-server nginx
systemctl enable --now mysql
mysql -u root -p
Note: Change the password in the IDENTIFIED BY clause below, even though the account is limited to localhost.
CREATE DATABASE siem_data CHARACTER SET UTF8;
CREATE USER ldsictrl@localhost IDENTIFIED BY 'siems2bfine';
GRANT ALL PRIVILEGES ON siem_data.* TO ldsictrl@localhost;
git clone https://github.com/dogoncouch/ldsi.git
More installation guidelines: Ubuntu Server
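The database step above with the sample password replaced, as an added example that is not part of the LDSI project or the original page: it generates a random password, rejects the published sample value and any character that could end the quoted string, and prints the three statements with the grant written as `siem_data.*`. The function names `gen_password` and `ldsi_db_sql` are assumptions; `siem_data` and `ldsictrl` come from the steps above.

```shell
#!/bin/sh
# Added example, not LDSI project code. gen_password and ldsi_db_sql are
# hypothetical helper names; siem_data and ldsictrl are from the steps above.

SAMPLE_PASSWORD='siems2bfine'   # the value printed in the instructions

# Print 48 hex characters (192 bits) read from the kernel CSPRNG.
gen_password() {
    head -c 24 /dev/urandom | od -An -tx1 | tr -d ' \n'
}

# Print the setup SQL for the given password, or fail and print no SQL.
ldsi_db_sql() {
    _pw=$1
    if [ "$_pw" = "$SAMPLE_PASSWORD" ]; then
        echo "refusing the sample password from the instructions" >&2
        return 1
    fi
    if [ "${#_pw}" -lt 16 ]; then
        echo "password is shorter than 16 characters" >&2
        return 1
    fi
    # Allow only characters that cannot terminate the quoted SQL string.
    case $_pw in
        *[!A-Za-z0-9_.-]*)
            echo "password has characters outside A-Za-z0-9_.-" >&2
            return 1 ;;
    esac
    cat <<EOF
CREATE DATABASE siem_data CHARACTER SET UTF8;
CREATE USER ldsictrl@localhost IDENTIFIED BY '$_pw';
GRANT ALL PRIVILEGES ON siem_data.* TO ldsictrl@localhost;
EOF
}

# Typical use (keeps the password in an owner-only file, then applies the SQL):
#   umask 077; gen_password > ldsi_db_password
#   ldsi_db_sql "$(cat ldsi_db_password)" | mysql -u root -p
```

The same password then has to go into the Django database settings that LDSI reads, so keep the generated file until that step is done.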