Overview:
Tracecat is an open-source alternative to Tines / Splunk SOAR designed for security engineers. It offers features similar to Tines, such as hosted Temporal workflows, a no-code workflow builder, automations-as-code, a GitHub Actions-like YAML syntax, a Python-to-no-code compiler, version control, and actions like HTTP requests and if-else statements. Tracecat makes it simpler for modern security teams to build, scale, and maintain workflows by combining a no-code drag-and-drop UI, configuration-as-code, and syncing between no-code workflows and code.
Features:
- Hosted Temporal workflows
- No-code workflow builder
- Automations-as-code
- GitHub Actions-like YAML syntax
- Python-to-no-code compiler
- Version control
- Actions (HTTP requests, if-else, etc.)
- Case Management
- Dashboard UI
- Command-line interface
- Integrations
Installation:
To install Tracecat self-hosted via docker compose, follow these steps:
- Clone the Tracecat repository from GitHub.
    git clone https://github.com/tracecat/tracecat.git
- Change directory to the Tracecat folder.
    cd tracecat
- Run Tracecat using docker compose.
    docker-compose up
- Access Tracecat in your web browser at http://localhost:8000.
Summary:
Tracecat is an open-source security automation platform that provides features similar to Tines / Splunk SOAR. It allows security teams to build, scale, and maintain workflows using a combination of no-code drag-and-drop UI and configuration-as-code. With features like hosted Temporal workflows, a no-code workflow builder, automations-as-code, and more, Tracecat is designed to simplify workflow development for modern security teams.