DanielSchwartz1 / SplunkForPCAP
The PCAP Analyzer for Splunk includes useful Dashboards to analyze network packet capture files from Wireshark or Network Monitor (.pcap) and network streaming data (Splunk App for Stream). The App includes Dashboards which show you: the Top Talker IPs, Protocols, VLANs and Conversations; a detailed overview of IP Conversations, Packet L…
☆43 · Updated last year
Alternatives and similar repositories for SplunkForPCAP
Users interested in SplunkForPCAP are comparing it to the repositories listed below.
- Bro IDS + ELK Stack to detect and block data exfiltration ☆46 · Updated 6 years ago
- Sysmon Splunk App ☆46 · Updated 6 years ago
- Security Onion Elastic Stack ☆46 · Updated 4 years ago
- MineMeld nodes for MISP ☆19 · Updated last year
- JoeSandbox-Bro is a simple Bro script which extracts files from your internet connection and analyzes them automatically on Joe Sandbox ☆45 · Updated 6 years ago
- Splunk App to assist Sysmon Threat Hunting ☆38 · Updated 8 years ago
- Build your own threat hunting maturity model ☆11 · Updated 7 years ago
- Threat Intelligence with Elastic - Minemeld integration with Elasticsearch ☆19 · Updated 4 years ago
- Imports Alienvault OTX pulses to a MISP instance ☆53 · Updated 3 years ago
- WebUI of MineMeld ☆43 · Updated 2 years ago
- Scripts to inject demo data and network traffic into an existing Alienvault/OSSIM installation ☆21 · Updated 7 years ago
- A website and framework for testing NIDS detection ☆57 · Updated 3 years ago
- The Bro/Zeek language cheat sheet ☆52 · Updated 12 years ago
- This is a repository from Adam Swan's and my presentation on Windows Logs Zero 2 Hero. ☆22 · Updated 7 years ago
- PowerShell collection designed to assist in Threat Hunting Windows systems. ☆27 · Updated 7 years ago
- Coding examples for the OpenDNS Investigate API ☆24 · Updated 5 years ago
- Bluewall is a firewall framework designed for offensive and defensive cyber professionals. ☆106 · Updated 6 years ago
- Network Forensics Bro scripts & pcap samples ☆62 · Updated 11 years ago
- YETI (Your Everyday Threat Intelligence) Integration to Elastic Stack ☆16 · Updated 4 years ago
- A set of Bash scripts that allows you to repeatably collect and compare baseline audit data from Linux and Windows systems ☆20 · Updated 11 years ago
- Top DNS Measurement for Bro ☆11 · Updated 4 years ago
- OSSEC Decoder & Rulesets for Sysmon Events ☆15 · Updated 9 years ago
- Connect your mail client/infrastructure to MISP in order to create events based on the information contained within mails. ☆69 · Updated last year
- Detect HTTP stalling attacks like slowloris with Bro ☆19 · Updated 7 years ago
- Exports MISP events to STIX and ingests them into McAfee ESM ☆15 · Updated 5 years ago
- Automate your MISP installs ☆68 · Updated 4 years ago
- Download a list of suspected malicious IPs and domains, create a QRadar Reference Set, and search your environment for malicious IPs ☆69 · Updated 3 years ago