DanielSchwartz1 / SplunkForPCAP
The PCAP Analyzer for Splunk includes useful Dashboards to analyze network packet capture files from Wireshark or Network Monitor (.pcap) and network streaming data (Splunk App for Stream). The App includes Dashboards which will show you: - The Top Talker IPs, Protocols, VLANs, Conversations - Detailed overview about IP Conversations, Packet L…
☆41 · Updated 10 months ago
Related projects
Alternatives and complementary repositories for SplunkForPCAP
- ☆20 · Updated 4 years ago
- Bro IDS + ELK Stack to detect and block data exfiltration ☆46 · Updated 6 years ago
- WebUI of MineMeld ☆43 · Updated last year
- ☆12 · Updated 5 years ago
- Bro script package to create JSON formatted logs to stream into data analysis systems. ☆28 · Updated 11 months ago
- Threat Intelligence with Elastic - Minemeld integration with Elasticsearch ☆19 · Updated 3 years ago
- Zeek support for Community ID flow hashing. ☆34 · Updated last year
- ☆48 · Updated 4 years ago
- Tool for managing Zeek deployments. ☆53 · Updated 3 months ago
- Sniffles: Packet Capture Generator for IDS and Regular Expression Evaluation ☆62 · Updated 3 years ago
- A website and framework for testing NIDS detection ☆56 · Updated 3 years ago
- Build Automated Machine Images for MISP ☆28 · Updated last year
- Security Onion Elastic Stack ☆46 · Updated 3 years ago
- This project is no longer maintained. There's a successor at https://github.com/zeek-packages/zeek-agent-v2 ☆14 · Updated 4 years ago
- This repository contains all the config files and scripts used for our Open Source Endpoint monitoring project. ☆33 · Updated 5 years ago
- The Bro/Zeek language cheat sheet ☆51 · Updated 11 years ago
- Exports MISP events to STIX and ingests them into McAfee ESM ☆15 · Updated 4 years ago
- Splunk App to assist Sysmon Threat Hunting ☆38 · Updated 7 years ago
- Presentation Slides and Video links ☆31 · Updated 3 years ago
- MineMeld nodes for MISP ☆18 · Updated 10 months ago
- Automate your MISP installs ☆66 · Updated 4 years ago
- A Python application to filter and transfer Zeek logs to Elastic/OpenSearch+Humio. This app can also output pure JSON logs to stdout for… ☆35 · Updated 2 years ago
- Connect your mail client/infrastructure to MISP in order to create events based on the information contained within mails. ☆69 · Updated last year
- ☆34 · Updated 3 years ago
- This is a repository from Adam Swan's and my presentation on Windows Logs Zero 2 Hero. ☆21 · Updated 6 years ago
- A few scripts I put together for testing purposes and to automate a few capabilities while doing IR. These scripts are also part of my bl… ☆53 · Updated 6 years ago
- Integrating Sysinternals Autoruns' logs into Security Onion ☆31 · Updated 9 months ago
- Rapid cybersecurity toolkit based on Elastic in Docker. Designed to quickly build elastic-based environments to analyze and execute threa… ☆18 · Updated 4 years ago
- Sysmon Splunk App ☆46 · Updated 6 years ago
- Potiron - Normalize, Index and Visualize Network Capture ☆83 · Updated 5 years ago