Cargill / OpenSIEM-Logstash-ParsingLinks
SIEM Logstash parsing for more than hundred technologies
☆185Updated 2 weeks ago
Alternatives and similar repositories for OpenSIEM-Logstash-Parsing
Users that are interested in OpenSIEM-Logstash-Parsing are comparing it to the libraries listed below
Sorting:
- Translate an ECS mapping CSV to starter pipelines for Beats, Elasticsearch or Logstash☆54Updated 3 years ago
- Contains Logstash related content including tons of Logstash configurations☆253Updated 3 years ago
- SIEGMA - Transform Sigma rules into SIEM consumables☆151Updated 3 months ago
- A curated list of awesome things related to TheHive & Cortex☆180Updated 3 years ago
- Documentation of Cortex☆174Updated last year
- SIGMA UI is a free open-source application based on the Elastic stack and Sigma Converter (sigmac)☆188Updated 4 years ago
- This repository contains a few examples of actions that can be added to rules within Elastic Security.☆22Updated 4 months ago
- Wazuh - Splunk App☆55Updated 9 months ago
- Open source endpoint agent providing host information to Zeek. [v2]☆83Updated last week
- ☆126Updated last year
- Simple integration script for 3rd party systems such as SIEMs. Offers command line, file or syslog output in CEF, JSON or key-value pair …☆134Updated last year
- Documentation of TheHive☆398Updated last year
- Splunk Connect for Syslog☆166Updated this week
- Splunk code (SPL) for serious threat hunters and detection engineers.☆284Updated last year
- Converts Sigma detection rules to a Splunk alert configuration.☆111Updated 5 years ago
- MISP Docker (XME edition)☆282Updated last year
- Python API Client for TheHive☆229Updated this week
- Apps to be used for Shuffle automation. Most of Shuffle's apps (2500+) are generated from APIs, and available in the search engine below:☆113Updated this week
- Parse wazuh[HIDS] alerts into ECS mapping using Filebeat☆27Updated 4 years ago
- ☆131Updated last year
- Cisco Orbital - Osquery queries by Talos☆134Updated 10 months ago
- A standard for reducing log volume without sacrificing analytical capability☆205Updated 4 months ago
- An open standard for hashing network flows into identifiers, a.k.a "Community IDs".☆180Updated 9 months ago
- Docker image for MISP☆130Updated last week
- Fortinet products logs to Elasticsearch☆98Updated 3 weeks ago
- Splunk Admins application to assist with troubleshooting Splunk enterprise installations☆96Updated last month
- Main MineMeld documentation repo☆379Updated 7 years ago
- ☆216Updated last year
- Technical add-on for Splunk related to TheHive/Cortex from TheHive project☆53Updated 2 months ago
- ☆38Updated 5 years ago