Best Top 10 open source SIEM solutions 2019

SNORT

The SNORT intrusion prevention system performs real-time traffic analysis and packet logging on IP networks, along with protocol analysis and content matching. SNORT is a powerful analysis system that can be used as a SIEM solution.

SNORT can detect attacks like:

  • Buffer overflows
  • Stealth port scans
  • CGI attacks
  • SMB probes
  • OS fingerprinting attacks