Generic SIEM engine detector

Navigation

Verified details

These details have been verified by PyPI
Maintainers
Avatar for souzo from gravatar.com souzo
Meta

Unverified details

These details have not been verified by PyPI
Meta
  • Author: Vinicius Morais
  • Requires: Python >=3.13
Report project as malware

Project description

Clickdetect

Made in 🇧🇷

Clickdetect is a SIEM engine on steroids, no lock-in with any vendors and powerfull detection.

Follow the doc: https://clickdetect.souzo.me

Starting guide

First of all, create your runner.yml file. (Follow doc for the creation) You will put detectors, webhooks and datasources in the configuration file.

uv

Follow uv installation in https://docs.astral.sh/uv

uv sync --no-dev
uv run clickdetect --api

Docker/Podman

Local

podman build -t clickdetect .
podman run -v ./runner.yml:/app/runner.yml -p 8080 clickdetect --api -p 8080

Github Packages

podman run -v ./runner.yml:/app/runner.yml -p 8080 ghcr.io/clicksiem/clickdetect:latest --api -p 8080

Options

Flag Default Description
--api off Start the REST API server
-p, --port 8080 Port for the API server
-r, --runner runner.yml Path to the runner configuration file
--stdin off Read the runner configuration from stdin
--verbose off Verbose mode
--reload off Hot reload rules
--list-webhooks off List webhooks
--list-datasources off List datasources

Roadmap

Webhooks

  • Complete DFIR-IRIS webhook integration
  • Add Slack webhook
  • Add Discord webhook
  • Add PagerDuty webhook
  • Add Telegram webhook
  • Add Opsgenie webhook

Alert Management

  • Implement timeframe-based alert grouping (avoid duplicate alerts within a window)
  • Implement alert silencing (suppress alerts by rule/group/tenant for a duration)
  • Add API endpoints to manage silences (POST /silence, DELETE /silence/{id})

Rule Management

  • Hot reload rules without restarting (--reload flag or file watcher) ✅
  • API endpoints to add/update/remove rules dynamically (depends on hot reload)
  • Sigma rule conversion support (sigma: true in rule definition)

Datasources

  • Add support for Splunk
  • Add support for OpenSearch
  • Add support for Prometheus/VictoriaMetrics (metrics-based detection)

API & Observability

  • Implement an endpoint to create, edit and delete rules
  • Alert history endpoint to query past triggered rules

Contact-me

Project details

Verified details

These details have been verified by PyPI
Maintainers
Avatar for souzo from gravatar.com souzo
Meta

Unverified details

These details have not been verified by PyPI
Meta
  • Author: Vinicius Morais
  • Requires: Python >=3.13

Release history Release notifications | RSS feed

1.12.0

1.11.2

1.11.1

1.11.0

1.10.0

1.9.0

1.8.1

1.8.0

1.7.0

1.6.0

1.5.0

1.4.0

This version

1.3.0

1.2.0

1.1.1

1.1.0

1.0.1

1.0.0

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

clickdetect-1.3.0.tar.gz (17.7 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

clickdetect-1.3.0-py3-none-any.whl (30.0 kB view details)

Uploaded Python 3

File details

Details for the file clickdetect-1.3.0.tar.gz.

File metadata

  • Download URL: clickdetect-1.3.0.tar.gz
  • Upload date:
  • Size: 17.7 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: uv/0.11.3 {"installer":{"name":"uv","version":"0.11.3","subcommand":["publish"]},"python":null,"implementation":{"name":null,"version":null},"distro":{"name":"Ubuntu","version":"24.04","id":"noble","libc":null},"system":{"name":null,"release":null},"cpu":null,"openssl_version":null,"setuptools_version":null,"rustc_version":null,"ci":true}

File hashes

Hashes for clickdetect-1.3.0.tar.gz
Algorithm Hash digest
SHA256 ee2e0d5f0a5ccfc1f110bd69e384a368bc56978f6aa14de775fd1490c93e9043
MD5 23f2fd263ebf4b1fcee44ca5a914ab29
BLAKE2b-256 11dafd0ad66a989d093602b755e440409ae59949cb5b6d7706fd45c5c867f0e4

See more details on using hashes here.

File details

Details for the file clickdetect-1.3.0-py3-none-any.whl.

File metadata

  • Download URL: clickdetect-1.3.0-py3-none-any.whl
  • Upload date:
  • Size: 30.0 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? No
  • Uploaded via: uv/0.11.3 {"installer":{"name":"uv","version":"0.11.3","subcommand":["publish"]},"python":null,"implementation":{"name":null,"version":null},"distro":{"name":"Ubuntu","version":"24.04","id":"noble","libc":null},"system":{"name":null,"release":null},"cpu":null,"openssl_version":null,"setuptools_version":null,"rustc_version":null,"ci":true}

File hashes

Hashes for clickdetect-1.3.0-py3-none-any.whl
Algorithm Hash digest
SHA256 355c5bcf73619507e872b4948b8981305a7aae9df674fe8afe9fcde83e748303
MD5 b0aa0c18c6e208dcbd3b4633e24a78aa
BLAKE2b-256 106e3186e5e2cd01c65646afaf718af156806a2fb0aa7a0f0e4c3d8756ef1329

See more details on using hashes here.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page