SOC Tools

Providing NRENs with a baseline toolset for SOC services

As the need for SOC operations arose within the NREN community, the GÉANT project created an interoperable set of tooling that can serve as a starting point for an NREN’s SOC. This tooling aims to assist with automation of the NREN’s security processes and data gathering. While a full stack including the acceptance of log and IDS data has been developed using existing tools, the focus has been on easy and modular expandability.
The core layout is as follows:

Figure: General overview of the SOC-tools tooling

The current state of the tooling can be installed in a Docker environment and is available upon request from GÉANT’s GitLab.
A mailing discussion group for interested NRENs has been created – please contact soc-tools-request@lists.geant.org for more information.