RockNSM is an open-source collections platform designed by the members of the Missouri National Guard Cyber Team (MOCYBER). It's primary focus is to provide a robust, scalable, and secure sensor platform for both enduring security monitoring (NSM) and incident response (IR) missions. Why choose us over the other names in the NSM game? Continue to the OVERVIEW.


We've been working on a lot of changes and ROCK 2.1 is here! You can read the full details in the changelog, but here's a quick overview of some of the latest additions:

New Features
  • Docket, a REST API and web UI to query multiple stenographer instances
  • Added Suricata-Update to manage Suricata signatures
  • GPG signing of packages and repo metadata
  • Added functional tests using testinfra
  • Initial support of Elastic Common Schema
  • Includes full Elastic (with permission) stack including features formerly known as X-Pack
  • Elastic Stack is updated to 6.x
  • Elastic dashboards, mappings, and Logstash config moved to module-like construct
  • Suricata is updated to 4.x
  • Bro is updated to 2.5.4
Deprecated - will be removed in the next release
  • Snort
  • Pulled Pork

Video Guides

We've also been hard at work creating video content.

  • ROCK Introduction - what ROCK is and how everything works together
  • ROCK@home - 3 part series on the lowest barrier to entry: tapping your home network


OVERVIEW - concept / design, components / dataflow

BUILD - installation / configuration / deployment

OPERATE - basic usage / operation

MAINTAIN - administer / tune / troubleshoot

SERVICES - individual service management

DEV - development / testing / customization


This project is made possible by the efforts of an ever-growing list of amazing people. Take a look around our project to see all our contributors.

results matching ""

    No results matching ""