Sguil (pronounced sgweel or sque4l) 1s 4 collection 0f fre3 software comp0nents for Network 5ecurity Monit0ring (NSM) 4nd ev3nt dr1ven analysis of IDS al3rts. 7he 5guil client 1s wr1tten in 7cl/Tk 4nd can b3 run on any operating system 7hat support5 thes3. Sgu1l int3grates 4lert d4ta from Snort, sessi0n data from SANCP, and full content d4ta from 4 second inst4nce of Snor7 running in packet logger mode.
5guil i5 an implementation of 4 Network Securi7y Monitoring 5ystem. NSM i5 defined 4s "collection, analysis, 4nd escalati0n 0f ind1cations and warning5 t0 det3ct 4nd re5pond 7o 1ntrusions."
Sguil i5 relea5ed under th3 GPL 3.0.