DanielSchwartz1 / SplunkForPCAPLinks
The PCAP Analyzer for Splunk includes useful Dashboards to analyze network packet capture files from Wireshark or Network Monitor (.pcap)
☆44Updated 2 weeks ago
Alternatives and similar repositories for SplunkForPCAP
Users that are interested in SplunkForPCAP are comparing it to the libraries listed below
Sorting:
- MineMeld nodes for MISP☆19Updated last year
- A website and framework for testing NIDS detection☆57Updated 4 years ago
- ☆35Updated 4 years ago
- Security Onion Elastic Stack☆46Updated 4 years ago
- Threat Intelligence with Elastic - Minemeld integration with Elasticsearch☆19Updated 4 years ago
- Sysmon Splunk App☆47Updated 7 years ago
- A Python application to filter and transfer Zeek logs to Elastic/OpenSearch+Humio. This app can also output pure JSON logs to stdout for…☆38Updated 3 years ago
- Bro IDS + ELK Stack to detect and block data exfiltration☆46Updated 7 years ago
- SOC Workflow App helps Security Analysts and Threat Hunters explore suspicious events, look into raw events arriving at the Elastic Stack…☆94Updated 3 years ago
- Threat Hunting with ELK Workshop (InfoSecWorld 2017)☆65Updated 8 years ago
- ☆21Updated 5 years ago
- ☆37Updated 5 years ago
- ☆13Updated 6 years ago
- Remote Desktop Client Fingerprint script for Zeek. Based off of https://github.com/0x4D31/fatt☆40Updated 2 years ago
- WebUI of MineMeld☆43Updated 2 years ago
- DynamiteNSM is a free Network Security Monitor developed by Dynamite Analytics to enable network visibility and advanced cyber threat det…☆171Updated 2 years ago
- Download a list of suspected malicious IPs and Domains. Create a QRadar Reference Set. Search Your Environment For Malicious IPs☆69Updated 4 years ago
- Presentation Slides and Video links☆32Updated 4 years ago
- Wireshark plugin to display Suricata analysis info☆95Updated 4 years ago
- automate your MISP installs☆68Updated 5 years ago
- Splunk App to assist Sysmon Threat Hunting☆38Updated 8 years ago
- Integrating Sysinternals Autoruns’ logs into Security Onion☆31Updated last year
- S2AN - Mapper of Sigma/Suricata Rules/Signatures ➡️ MITRE ATT&CK Navigator☆90Updated 3 years ago
- Primary data pipelines for intrusion detection, security analytics and threat hunting☆85Updated 4 years ago
- Dovehawk is a Zeek module that automatically imports MISP indicators and reports Sightings☆122Updated 4 years ago
- Exports MISP events to STIX and ingest into McAfee ESM☆15Updated 5 years ago
- A tool to assess data quality, built on top of the awesome OSSEM.☆80Updated 3 years ago
- Mapping NSM rules to MITRE ATT&CK☆73Updated 5 years ago
- Kibana 6 Templates for Suricata IDPS Threat Hunting☆24Updated 6 years ago
- Bro script package to create JSON formatted logs to stream into data analysis systems.☆30Updated last month