Siem Python Packages

secops

A helper SDK to wrap the Google SecOps API for common security use cases

sigmatools

Main Sigma Rule Repository

pysigma-backend-loki

pySigma backend for generating Grafana Loki/LogQL rules

tenzir

Tenzir CLI bindings and binary launchers

logsentinelai

LLM-powered security log analyzer: detect threats & anomalies with zero regex — just declare a Pydantic schema. Real-time Telegram alerts, SIEM-ready with Elasticsearch/Kibana. Supports OpenAI, Ollama, vLLM.

agentic-threat-hunting-framework

ATHF is a framework for agentic threat hunting - building systems that can remember, learn, and act with increasing autonomy.

txt2detection

A command line tool that takes a txt file containing threat intelligence and turns it into a detection rule.

pyvast

A security telemetry engine for detection and response

eis-sigmatools

Tools for the Generic Signature Format for SIEM Systems

pysigma-backend-victorialogs

pySigma backend that converts Sigma detection rules to LogsQL queries for VictoriaLogs

mozdef-util

Utilities shared throughout the MozDef codebase

vellaveto-sdk

Agentic security control plane for MCP and AI agent tool calls. MCP-native policy gateway with topology discovery and audit.

pytenzir

A security telemetry engine for detection and response

splunk-app-packager

A tool to package up your splunk app and deploy it.

django-audit-wazuh

Django Audit

mpsiemlib

MaxPatrol SIEM API SDK

skipper-cli

python SOC Automation & Recon Toolkit - Port scanner, threat intel, log analyser

openuba

A robust, and flexible open source User & Entity Behavior Analytics (UEBA) framework used for Security Analytics. Developed with luv by Data Scientists & Security Analysts from the Cyber Security Industry. [BETA]