GeoLogonalyzer

GeoLogonalyzer is a utility to perform location and metadata lookups on source IP addresses of remote access logs. This analysis can identify anomalies based on the speed of required travel, distance, hostname changes, ASN changes, VPN client changes, etc. GeoLogonalyzer extracts and processes changes in logon characteristics to reduce analysis requirements. For example, if a user logs on 500 times from 1.1.1.1 and then 1 time from 2.2.2.2, GeoLogonalyzer will create one line of output that shows information related to the change such as detected anomalies, data center hosting information identified, location information, ASN information, and time and distance metrics.
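The change-based reduction and travel-speed check described above, sketched as an added example (this is not GeoLogonalyzer's own code). The coordinates assigned to the two IP addresses, the 1000 km/h threshold, the user name and the anomaly labels are assumptions made for illustration.

```python
import math
from datetime import datetime, timedelta

# Constructed coordinates (assumption); a real run would query a GeoIP database.
GEO = {"1.1.1.1": (-33.87, 151.21), "2.2.2.2": (48.86, 2.35)}
MAX_KMH = 1000.0  # assumed threshold, roughly airliner cruising speed

def haversine_km(a, b):
    """Great-circle distance in km between two (lat, lon) pairs."""
    lat1, lon1, lat2, lon2 = map(math.radians, (*a, *b))
    h = (math.sin((lat2 - lat1) / 2) ** 2
         + math.cos(lat1) * math.cos(lat2) * math.sin((lon2 - lon1) / 2) ** 2)
    return 2 * 6371.0 * math.asin(math.sqrt(h))

def logon_changes(events, geo=GEO, max_kmh=MAX_KMH):
    """events: (iso_time, user, source_ip) tuples. One record per source-IP change per user."""
    last, out = {}, []
    for ts, user, ip in sorted(events, key=lambda e: datetime.fromisoformat(e[0])):
        t = datetime.fromisoformat(ts)
        prev, last[user] = last.get(user), (t, ip)
        if prev is None or prev[1] == ip:
            continue  # first sighting or repeat logon: nothing to report
        rec = {"user": user, "from_ip": prev[1], "to_ip": ip,
               "km": None, "kmh": None, "anomalies": []}
        if prev[1] in geo and ip in geo:
            rec["km"] = haversine_km(geo[prev[1]], geo[ip])
            hours = (t - prev[0]).total_seconds() / 3600
            # Simultaneous logons from different places imply unbounded speed.
            rec["kmh"] = rec["km"] / hours if hours > 0 else math.inf
            if rec["km"] > 0 and rec["kmh"] > max_kmh:
                rec["anomalies"].append("IMPOSSIBLE_TRAVEL")  # hypothetical label
        else:
            rec["anomalies"].append("NO_GEO_DATA")  # hypothetical label
        out.append(rec)
    return out

def sample_events():
    """Constructed log: 500 logons from 1.1.1.1, then one from 2.2.2.2 two hours later."""
    start = datetime(2024, 1, 1)
    ev = [((start + timedelta(minutes=i)).isoformat(), "alice", "1.1.1.1") for i in range(500)]
    ev.append(((start + timedelta(minutes=499, hours=2)).isoformat(), "alice", "2.2.2.2"))
    return ev

if __name__ == "__main__":
    for change in logon_changes(sample_events()):
        print(change)
```

The 501 constructed logons collapse to a single change record, which is the reduction the description refers to.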

The Terms of Use for this software are subject to the licensing and terms outlined in the OSS repository.

Creator

Creator: FireEye
Website: https://www.fireeye.com/

OSS Info

Platform: Linux, macOS, Windows

Support

Contact: Issues
