Malcolm

---

Description:

Malcolm is a powerful, easily deployable open-source network traffic analysis toolkit that ingests PCAPs, Zeek logs, and Suricata alerts; it provides OpenSearch Dashboards and Arkime interfaces for analysis, enrichment, and incident response in containerized deployments.