Cargill / OpenSIEM-Logstash-ParsingLinks
SIEM Logstash parsing for more than hundred technologies
☆184Updated last month
Alternatives and similar repositories for OpenSIEM-Logstash-Parsing
Users that are interested in OpenSIEM-Logstash-Parsing are comparing it to the libraries listed below
Sorting:
- Contains Logstash related content including tons of Logstash configurations☆253Updated 3 years ago
- Translate an ECS mapping CSV to starter pipelines for Beats, Elasticsearch or Logstash☆54Updated 3 years ago
- SIEGMA - Transform Sigma rules into SIEM consumables☆151Updated 2 months ago
- SIGMA UI is a free open-source application based on the Elastic stack and Sigma Converter (sigmac)☆188Updated 4 years ago
- Splunk Content Control Tool☆114Updated last week
- Wazuh - Splunk App☆55Updated 8 months ago
- Documentation of Cortex☆174Updated last year
- Unofficial third-party scripts, playbooks, and content for IBM QRadar & QRadar Community Edition.☆82Updated 3 weeks ago
- Splunk code (SPL) for serious threat hunters and detection engineers.☆276Updated last year
- Fortinet products logs to Elasticsearch☆98Updated 9 months ago
- This repository contains a few examples of actions that can be added to rules within Elastic Security.☆22Updated 3 months ago
- Parse wazuh[HIDS] alerts into ECS mapping using Filebeat☆27Updated 4 years ago
- Cisco eStreamer client☆24Updated 2 years ago
- ☆126Updated last year
- Splunk Connect for Syslog☆164Updated this week
- A curated list of awesome things related to TheHive & Cortex☆180Updated 3 years ago
- Converts Sigma detection rules to a Splunk alert configuration.☆111Updated 5 years ago
- Synapse: a Meta Alert Feeder for TheHive, a Security Incident Response Platform☆71Updated last year
- Ansible framework providing a fast and simple way to spin up complex Splunk environments.☆126Updated 4 months ago
- ☆216Updated last year
- TrackMe - Data tracking system for Splunk admins☆50Updated 2 years ago
- Python API Client for TheHive☆226Updated this week
- Threat Hunting & Incident Investigation with Osquery☆208Updated 3 years ago
- Data validator agains Splunk Common Information Model (CIM)☆76Updated last year
- SOC Workflow App helps Security Analysts and Threat Hunters explore suspicious events, look into raw events arriving at the Elastic Stack…☆94Updated 2 years ago
- Phantom Community Playbooks☆501Updated 4 months ago
- Phantom Apps Repo☆83Updated 3 years ago
- Documentation of TheHive☆397Updated last year
- Docker Splunk "Orchestration" bash script (6,000+ lines) to create fully automated pre-configured splunk site-2-site clusters or stand al…☆139Updated 5 years ago
- Visual Studio Code Extension for Splunk☆91Updated 3 weeks ago