Cargill / OpenSIEM-Logstash-ParsingLinks
SIEM Logstash parsing for more than hundred technologies
☆187Updated 2 weeks ago
Alternatives and similar repositories for OpenSIEM-Logstash-Parsing
Users that are interested in OpenSIEM-Logstash-Parsing are comparing it to the libraries listed below
Sorting:
- Contains Logstash related content including tons of Logstash configurations☆254Updated 4 years ago
- Translate an ECS mapping CSV to starter pipelines for Beats, Elasticsearch or Logstash☆54Updated 3 years ago
- SIEGMA - Transform Sigma rules into SIEM consumables☆154Updated 5 months ago
- Documentation of Cortex☆174Updated last year
- Splunk Admins application to assist with troubleshooting Splunk enterprise installations☆96Updated 2 weeks ago
- A curated list of awesome things related to TheHive & Cortex☆183Updated 3 years ago
- Apps to be used for Shuffle automation. Most of Shuffle's apps (2500+) are generated from APIs, and available in the search engine below:☆116Updated last week
- Splunk Connect for Syslog☆166Updated last week
- RBA is Splunk's method to aggregate low-fidelity security events as interesting observations tagged with security metadata to create high…☆57Updated 3 weeks ago
- Fortinet products logs to Elasticsearch☆98Updated 3 weeks ago
- Splunk code (SPL) for serious threat hunters and detection engineers.☆287Updated last year
- Technical add-on for Splunk related to TheHive/Cortex from TheHive project☆53Updated last week
- Splunk Content Control Tool☆116Updated this week
- Alert Wizard plugin for Graylog to manage the alert rules☆49Updated last month
- Ansible framework providing a fast and simple way to spin up complex Splunk environments.☆129Updated 7 months ago
- Wazuh - Splunk App☆56Updated 11 months ago
- Docker Splunk "Orchestration" bash script (6,000+ lines) to create fully automated pre-configured splunk site-2-site clusters or stand al…☆140Updated 5 years ago
- TrackMe - Data tracking system for Splunk admins☆50Updated 2 years ago
- Simple integration script for 3rd party systems such as SIEMs. Offers command line, file or syslog output in CEF, JSON or key-value pair …☆136Updated last year
- Convert Sigma rules to Wazuh rules☆67Updated last year
- SIGMA UI is a free open-source application based on the Elastic stack and Sigma Converter (sigmac)☆189Updated 4 years ago
- This repository contains a few examples of actions that can be added to rules within Elastic Security.☆22Updated 6 months ago
- SELinux Policy for Splunk☆56Updated 6 years ago
- Python API Client for TheHive☆232Updated 2 weeks ago
- Data validator agains Splunk Common Information Model (CIM)☆76Updated last year
- A (nearly) production ready Dockered MISP☆232Updated last year
- Home for Splunk security datasets.☆125Updated 5 years ago
- Threat Hunting & Incident Investigation with Osquery☆213Updated 3 years ago
- Parse wazuh[HIDS] alerts into ECS mapping using Filebeat☆27Updated 5 years ago
- Unofficial third-party scripts, playbooks, and content for IBM QRadar & QRadar Community Edition.☆83Updated 3 months ago