DanielSchwartz1 / SplunkForPCAP
The PCAP Analyzer for Splunk includes useful Dashboards to analyze network packet capture files from Wireshark or Network Monitor (.pcap) and network streaming data (Splunk App for Stream). The App includes Dashboards which will show you:
- The Top Talker IPs, Protocols, VLANs, Conversations
- Detailed overview about IP Conversations, Packet L…
☆44 · Updated last year
Alternatives and similar repositories for SplunkForPCAP
Users that are interested in SplunkForPCAP are comparing it to the libraries listed below
- A website and framework for testing NIDS detection ☆57 · Updated 4 years ago
- MineMeld nodes for MISP ☆19 · Updated last year
- Bro IDS + ELK Stack to detect and block data exfiltration ☆46 · Updated 7 years ago
- WebUI of MineMeld ☆43 · Updated 2 years ago
- Download a list of suspected malicious IPs and Domains. Create a QRadar Reference Set. Search Your Environment For Malicious IPs ☆69 · Updated 4 years ago
- Threat Intelligence with Elastic - Minemeld integration with Elasticsearch ☆19 · Updated 4 years ago
- Sysmon Splunk App ☆47 · Updated 7 years ago
- ☆35 · Updated 4 years ago
- Dovehawk is a Zeek module that automatically imports MISP indicators and reports Sightings ☆122 · Updated 4 years ago
- Integrating Sysinternals Autoruns' logs into Security Onion ☆31 · Updated last year
- Script to perform bulk local GeoIP lookups (ASN and geo) for IP addresses ☆102 · Updated 5 years ago
- Threat Hunting with ELK Workshop (InfoSecWorld 2017) ☆65 · Updated 8 years ago
- Cyber Defence Monitoring Course Suite :: Suricata, Arkime (and others in the past) ☆107 · Updated last year
- A Python application to filter and transfer Zeek logs to Elastic/OpenSearch+Humio. This app can also output pure JSON logs to stdout for… ☆37 · Updated 3 years ago
- SOC Workflow App helps Security Analysts and Threat Hunters explore suspicious events, look into raw events arriving at the Elastic Stack… ☆94 · Updated 3 years ago
- Security Onion Elastic Stack ☆46 · Updated 4 years ago
- A RESTful API frontend for Stenographer ☆54 · Updated 2 years ago
- DynamiteNSM is a free Network Security Monitor developed by Dynamite Analytics to enable network visibility and advanced cyber threat det… ☆171 · Updated 2 years ago
- Mapping NSM rules to MITRE ATT&CK ☆72 · Updated 5 years ago
- Wireshark plugin to display Suricata analysis info ☆95 · Updated 4 years ago
- Imports Alienvault OTX pulses to a MISP instance ☆53 · Updated 4 years ago
- ☆13 · Updated 6 years ago
- Snorpy is a Python script that gives a GUI interface to help those new to Snort create rules. ☆63 · Updated last year
- Remote Desktop Client Fingerprint script for Zeek. Based off of https://github.com/0x4D31/fatt ☆40 · Updated 2 years ago
- OSSEC Decoder & Rulesets for Sysmon Events ☆15 · Updated 10 years ago
- Bro/Zeek integration with osquery ☆94 · Updated 5 years ago
- automate your MISP installs ☆68 · Updated 5 years ago
- Primary data pipelines for intrusion detection, security analytics and threat hunting ☆86 · Updated 3 years ago
- Parse wazuh[HIDS] alerts into ECS mapping using Filebeat ☆28 · Updated 5 years ago
- ☆37 · Updated 4 years ago