DynamiteNSM is a lightweight, versatile network security monitor designed to make securing your network environment simple and intuitive. It is easily deployed in different environments including high-speed data centers, small-to-large enterprises, IoT & industrial networks, and even at home.
DynamiteNSM includes two key components: the agent and the monitor. The agent extracts Zeek network metadata coupled with Suricata IDS security alerts and forwards them to the monitor. The monitor processes incoming events and presents analytic information via dashboards and a powerful query interface.
DynamiteNSM can handle massive volumes of network traffic. Unlike many other tools, it can be installed and managed with a standalone command-line utility. The system is inherently passive and does not disrupt the network. There is no need to install agents on every computer, perform network scans, or directly interact with network assets.
To get started, simply install via pip on a supported operating system:
sudo pip3 install dynamite-nsm
The agent (sensor) generates JSON events from raw network data acquired off the wire, parses out relevant information, and forwards these events to a monitor or third-party data store.
To install on your sensor hardware (or VM):
sudo dynamite agent install --inspect-interfaces=<iface1> <iface2> <iface3>
The monitor collects events and alerts generated by the agent, quickly indexes them, and presents them within intuitive visualizations and powerful query interfaces.
To install on your monitor hardware (or VM):
sudo dynamite monitor install
Check out our comprehensive documentation, complete with tutorials, guides, and example quickstart deployments.
Those wishing to contribute may also be interested in our development guides.