Logging Made Easy: Free log management solution from CISA
CISA launched a new version of Logging Made Easy (LME), a straightforward log management solution for Windows-based devices that can be downloaded and self-installed for free.
CISA’s version reimagines technology developed by the United Kingdom’s National Cyber Security Centre (NCSC), making it available to a broader audience on GitHub.
Log management makes systems more secure. Until now, it has been a heavy lift for many targeted organizations, especially those with limited resources. CISA’s LME is a turnkey solution for public and private organizations seeking to strengthen their cybersecurity while reducing their log management burden.
What can you do with Logging Made Easy?
Logging Made Easy can:
- Show where administrative commands are being run on enrolled devices.
- See who is using which machine.
- Query, in conjunction with threat reports, for the presence of an attacker in the form of Tactics, Techniques and Procedures (TTPs).
Who is this tool for?
LME is intended for everyone from single IT administrators with a handful of devices in their network to larger organizations.
LME is for you if:
- You don’t have a SOC, SIEM or any monitoring in place at the moment.
- You lack the budget, time or understanding to set up your own logging system.
- You recognize the need to begin gathering logs and monitoring your IT.
- You understand that LME has limitations and is better than nothing – but no match for a professional tool.
If any, or all, of these criteria fit, then LME is a step in the right direction for you.