Sguil version 1.0.0 includes an embedded web server that provides an AngularJS real-time console. All connected clients (Tk and web-based) view the same data at the same time. Events categorized in either console are updated immediately on all connected clients. Many standard features are included in the new client, and more are being added. Included in this release:
- View events in real time (no page refreshing or reloading required)
- Categorize events in real time (F8 supported!)
- Search events (right click menu)
- Generate transcripts (right click menu)
- Request raw pcaps (right click menu)
- View rules
- View packet data
- View IP information (whois and tcpiputils.com)
- View event history
- Message other connected analysts
Try the web-based interface at https://demo.sguil.net!