After 5 years of development, Sagan 1.0.0 released!

Sagan works very similar to Intrusion Detection System (IDS) engines like Snort and Suricata. However, rather than analyzing network packets, Sagan analyzes logs for malicious activity. Due to Sagan’s multi-threaded nature, the analysis, detection, and correlation is done in 100% real time. Champ Clark III and his team have been working hard to develop and support Sagan since 2010 in efforts to release the best open source (GNU/GPLv2) log analysis engine in the space. The log analysis engine is primarily met to run on Linux systems.