Cargill / OpenSIEM-Logstash-Parsing
SIEM Logstash parsing for more than hundred technologies
☆180Updated this week
Related projects: ⓘ
- Translate an ECS mapping CSV to starter pipelines for Beats, Elasticsearch or Logstash☆54Updated 2 years ago
- Contains Logstash related content including tons of Logstash configurations☆252Updated 3 years ago
- Fortinet products logs to Elasticsearch☆86Updated 2 weeks ago
- SIGMA UI is a free open-source application based on the Elastic stack and Sigma Converter (sigmac)☆184Updated 3 years ago
- Splunk Connect for Syslog☆152Updated this week
- A curated list of awesome things related to TheHive & Cortex☆170Updated 2 years ago
- SIEGMA - Transform Sigma rules into SIEM consumables☆139Updated last year
- Splunk code (SPL) for serious threat hunters and detection engineers.☆263Updated 8 months ago
- Wazuh - Splunk App☆48Updated 10 months ago
- Docker Splunk "Orchestration" bash script (6,000+ lines) to create fully automated pre-configured splunk site-2-site clusters or stand al…☆138Updated 4 years ago
- Ansible framework providing a fast and simple way to spin up complex Splunk environments.☆117Updated 6 months ago
- ☆124Updated 9 months ago
- Documentation of Cortex☆170Updated last year
- TrackMe - Data tracking system for Splunk admins☆49Updated last year
- ☆207Updated 10 months ago
- Splunk Admins application to assist with troubleshooting Splunk enterprise installations☆89Updated last week
- Simple integration script for 3rd party systems such as SIEMs. Offers command line, file or syslog output in CEF, JSON or key-value pair …☆119Updated last year
- Docker image for MISP☆109Updated last week
- RBA is Splunk's method to aggregate low-fidelity security events as interesting observations tagged with security metadata to create high…☆44Updated this week
- This repository contains a few examples of actions that can be added to rules within Elastic Security.☆22Updated 2 years ago
- ☆16Updated 2 months ago
- MISP Docker (XME edition)☆283Updated 9 months ago
- Python API Client for TheHive☆213Updated 2 weeks ago
- Configuration for a Palo Alto Networks fed ELK Stack with Visualizations☆72Updated 5 years ago
- A Ruleset to enhance detection capabilities of Ossec using Sysmon☆83Updated 2 years ago
- Syntax highlighting for Splunk .conf files☆74Updated last month
- Documentation of TheHive☆391Updated last year
- Visual Studio Code Extension for Splunk☆86Updated 2 weeks ago
- Collaborative Open Playbook Standard☆147Updated last year
- SELinux Policy for Splunk☆55Updated 5 years ago