CiscoSecurity / fp-05-firepower-cef-connector-arcsightLinks
Cisco eStreamer client
☆24Updated 2 years ago
Alternatives and similar repositories for fp-05-firepower-cef-connector-arcsight
Users that are interested in fp-05-firepower-cef-connector-arcsight are comparing it to the libraries listed below
Sorting:
- Splunk Remote Work Insights - Executive Dashboard☆42Updated 4 years ago
- Contains Logstash related content including tons of Logstash configurations☆254Updated 3 years ago
- SELinux Policy for Splunk☆56Updated 5 years ago
- Risk Based Alerting Supporting Add-On (SA) for Splunk☆45Updated 3 years ago
- scripts to configure the Splunk Universal Forwarder in a locked down state☆40Updated 6 years ago
- Ansible playbook for installing MineMeld on Linux☆48Updated 4 years ago
- Mark Baggett's (@MarkBaggett - GSE #15, SANS SEC573 Author) tool for detecting randomness using NLP techniques rather than pure entropy c…☆129Updated 2 years ago
- ☆133Updated last year
- Data validator agains Splunk Common Information Model (CIM)☆76Updated last year
- WebUI of MineMeld☆43Updated 2 years ago
- Splunk code (SPL) for serious threat hunters and detection engineers.☆286Updated last year
- ☆122Updated 3 years ago
- Main MineMeld documentation repo☆380Updated 7 years ago
- Docker Splunk "Orchestration" bash script (6,000+ lines) to create fully automated pre-configured splunk site-2-site clusters or stand al…☆140Updated 5 years ago
- Sunburst IOCs for Splunk Ingest☆18Updated 4 years ago
- Splunk Admins application to assist with troubleshooting Splunk enterprise installations☆96Updated 3 weeks ago
- Palo Alto Networks App for Splunk leverages the data visibility provided by Palo Alto Networks next-generation firewalls and endpoint sec…☆107Updated 9 months ago
- ☆217Updated last year
- This is a repository for freq.py and freq_server.py☆209Updated 5 years ago
- Allows to pull asset and identity data into Splunk app for Enterprise Security from LDAP and other sources☆28Updated 7 years ago
- SIGMA UI is a free open-source application based on the Elastic stack and Sigma Converter (sigmac)☆189Updated 4 years ago
- Carbon Black API - Python language bindings☆145Updated 11 months ago
- Elastic Beat for fetching and shipping Office 365 audit events☆67Updated 4 years ago
- SOC Workflow App helps Security Analysts and Threat Hunters explore suspicious events, look into raw events arriving at the Elastic Stack…☆94Updated 2 years ago
- Phantom Apps Repo☆83Updated 3 years ago
- Converts Sigma detection rules to a Splunk alert configuration.☆111Updated 5 years ago
- Ansible playbook to convert Sigma rules to ElastAlert rules☆10Updated 4 years ago
- TrackMe - Data tracking system for Splunk admins☆50Updated 2 years ago
- RBA is Splunk's method to aggregate low-fidelity security events as interesting observations tagged with security metadata to create high…☆56Updated 3 weeks ago
- LogRhythm PowerShell Toolkit☆51Updated 2 weeks ago