DanielSchwartz1 / SplunkForPCAPLinks
The PCAP Analyzer for Splunk includes useful Dashboards to analyze network packet capture files from Wireshark or Network Monitor (.pcap) and network streaming data (Splunk App for Stream). The App includes Dashboards which will show you: - The Top Talker IP's, Protocols, VLANs, Conversations - Detailed overview about IP Conversations, Packet L…
☆43Updated last year
Alternatives and similar repositories for SplunkForPCAP
Users that are interested in SplunkForPCAP are comparing it to the libraries listed below
Sorting:
- Sysmon Splunk App☆47Updated 7 years ago
- MineMeld nodes for MISP☆19Updated last year
- Security Onion Elastic Stack☆46Updated 4 years ago
- Bro IDS + ELK Stack to detect and block data exfiltration☆46Updated 6 years ago
- A website and framework for testing NIDS detection☆57Updated 4 years ago
- ☆35Updated 4 years ago
- Threat Hunting with ELK Workshop (InfoSecWorld 2017)☆66Updated 7 years ago
- WebUI of MineMeld☆43Updated 2 years ago
- SOC Workflow App helps Security Analysts and Threat Hunters explore suspicious events, look into raw events arriving at the Elastic Stack…☆94Updated 3 years ago
- Threat Intelligence with Elastic - Minemeld integration with Elasticsearch☆19Updated 4 years ago
- Presentation Slides and Video links☆32Updated 3 years ago
- automate your MISP installs☆68Updated 5 years ago
- ☆13Updated 5 years ago
- Cyber Defence Monitoring Course Suite :: Suricata, Arkime (and others in the past)☆106Updated last year
- Splunk App to assist Sysmon Threat Hunting☆38Updated 8 years ago
- A tool to assess data quality, built on top of the awesome OSSEM.☆78Updated 3 years ago
- A Python application to filter and transfer Zeek logs to Elastic/OpenSearch+Humio. This app can also output pure JSON logs to stdout for…☆36Updated 3 years ago
- Download a list of suspected malicious IPs and Domains. Create a QRadar Reference Set. Search Your Environment For Malicious IPs☆69Updated 4 years ago
- Wireshark plugin to display Suricata analysis info☆95Updated 3 years ago
- A collection of notebooks built for defensive and offensive operations.☆77Updated 4 years ago
- Connect your mail client/infrastructure to MISP in order to create events based on the information contained within mails.☆69Updated last year
- Synapse: a Meta Alert Feeder for TheHive, a Security Incident Response Platform☆71Updated 2 years ago
- Dovehawk is a Zeek module that automatically imports MISP indicators and reports Sightings☆121Updated 4 years ago
- Threat Alert Logic Repository☆92Updated 6 years ago
- Expert Investigation Guides☆50Updated 4 years ago
- Integrating Sysinternals Autoruns’ logs into Security Onion☆31Updated last year
- Primary data pipelines for intrusion detection, security analytics and threat hunting☆87Updated 3 years ago
- Exports MISP events to STIX and ingest into McAfee ESM☆15Updated 5 years ago
- The OTX Suricata Rule Generator can be used to create the rules and configuration for Suricata to alert on indicators from your OTX accou…☆111Updated last year
- ☆34Updated 4 years ago