DanielSchwartz1 / SplunkForPCAP
The PCAP Analyzer for Splunk includes useful dashboards to analyze network packet capture files from Wireshark or Network Monitor (.pcap) and network streaming data (Splunk App for Stream). The app includes dashboards which show you: - The top talker IPs, protocols, VLANs, conversations - Detailed overview about IP conversations, packet L…
☆44 · Updated this week
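The summaries the description lists (top talker IPs, protocol mix, IP conversations) are simple aggregations over the IPv4 headers in a capture. The following is an added example, not code from SplunkForPCAP or from this page: it reads a libpcap (.pcap) file with the Python standard library only, rejects truncated records rather than reading past them, and computes those three summaries. The capture it runs on is constructed inline with made-up addresses so it works offline; `parse_pcap`, `summarize` and `build_sample_pcap` are names chosen here.

```python
"""Added example, not code from SplunkForPCAP: reproduce the app's core
summaries (top talkers, protocol mix, IP conversations) from a libpcap
(.pcap) file with the standard library only. The capture is constructed
inline so the script runs offline; the addresses in it are made up."""
import struct
from collections import Counter

ETH_HDR = 14          # Ethernet II header length
IPV4_MIN = 20         # minimum IPv4 header length
PROTO_NAMES = {1: "ICMP", 6: "TCP", 17: "UDP"}


def parse_pcap(data: bytes):
    """Yield (ts_sec, frame) per record. Accepts both byte orders and the
    nanosecond magic; rejects non-Ethernet captures and truncated records
    instead of silently reading garbage from a damaged file."""
    magic = data[:4]
    if magic in (b"\xd4\xc3\xb2\xa1", b"\x4d\x3c\xb2\xa1"):
        endian = "<"
    elif magic in (b"\xa1\xb2\xc3\xd4", b"\xa1\xb2\x3c\x4d"):
        endian = ">"
    else:
        raise ValueError("not a libpcap file")
    _major, _minor, _zone, _sig, snaplen, linktype = struct.unpack(
        endian + "HHiIII", data[4:24])
    if linktype != 1:
        raise ValueError(f"unsupported link type {linktype}, expected Ethernet")
    off = 24
    while off + 16 <= len(data):
        ts_sec, _frac, incl_len, _orig_len = struct.unpack(
            endian + "IIII", data[off:off + 16])
        off += 16
        if incl_len > snaplen or off + incl_len > len(data):
            raise ValueError(f"truncated or corrupt record at offset {off - 16}")
        yield ts_sec, data[off:off + incl_len]
        off += incl_len


def summarize(data: bytes):
    """Return (bytes sent per source IP, packets per protocol,
    packets per unordered src/dst pair) for the IPv4 frames in the file."""
    talkers, protos, convs = Counter(), Counter(), Counter()
    for _ts, frame in parse_pcap(data):
        if len(frame) < ETH_HDR + IPV4_MIN:
            continue
        if struct.unpack("!H", frame[12:14])[0] != 0x0800:   # IPv4 only
            continue
        ip = frame[ETH_HDR:]
        ihl = (ip[0] & 0x0F) * 4
        if ip[0] >> 4 != 4 or ihl < IPV4_MIN or len(ip) < ihl:
            continue
        total_len = struct.unpack("!H", ip[2:4])[0]
        src = ".".join(str(b) for b in ip[12:16])
        dst = ".".join(str(b) for b in ip[16:20])
        talkers[src] += total_len
        protos[PROTO_NAMES.get(ip[9], str(ip[9]))] += 1
        convs[tuple(sorted((src, dst)))] += 1     # direction-agnostic pair
    return talkers, protos, convs


def _ipv4_frame(src, dst, proto, payload_len):
    """Build an Ethernet/IPv4 frame with a zero payload (checksum left 0)."""
    ip_hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, IPV4_MIN + payload_len,
                         0, 0, 64, proto, 0,
                         bytes(int(o) for o in src.split(".")),
                         bytes(int(o) for o in dst.split(".")))
    eth_hdr = bytes.fromhex("001122334455") + bytes.fromhex("66778899aabb") + b"\x08\x00"
    return eth_hdr + ip_hdr + b"\x00" * payload_len


def build_sample_pcap() -> bytes:
    """Constructed little-endian pcap: four frames, three TCP and one UDP."""
    frames = [
        _ipv4_frame("10.0.0.5", "192.0.2.10", 6, 1000),
        _ipv4_frame("10.0.0.5", "192.0.2.10", 6, 1000),
        _ipv4_frame("192.0.2.10", "10.0.0.5", 6, 60),
        _ipv4_frame("10.0.0.7", "10.0.0.1", 17, 40),
    ]
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    for i, f in enumerate(frames):
        out += struct.pack("<IIII", 1700000000 + i, 0, len(f), len(f)) + f
    return out


if __name__ == "__main__":
    talkers, protos, convs = summarize(build_sample_pcap())
    print("top talkers (bytes sent):", talkers.most_common(3))
    print("protocols:", dict(protos))
    print("conversations:", convs.most_common(3))
```

Talkers are ranked by bytes sent rather than packet count, which is what makes exfiltration stand out; conversations are keyed on the sorted address pair so both directions of a flow land in one bucket. Replace `build_sample_pcap()` with the bytes of a real capture to run it on your own data; the length checks make a truncated file fail loudly instead of producing a plausible but wrong summary.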
Alternatives and similar repositories for SplunkForPCAP
Users interested in SplunkForPCAP are comparing it to the repositories listed below.
- A website and framework for testing NIDS detection ☆57 · Updated 4 years ago
- Bro IDS + ELK Stack to detect and block data exfiltration ☆46 · Updated 7 years ago
- Security Onion Elastic Stack ☆46 · Updated 4 years ago
- Sysmon Splunk App ☆47 · Updated 7 years ago
- Wireshark plugin to display Suricata analysis info ☆95 · Updated 4 years ago
- A Python application to filter and transfer Zeek logs to Elastic/OpenSearch+Humio. This app can also output pure JSON logs to stdout for… ☆38 · Updated 3 years ago
- Threat Hunting with ELK Workshop (InfoSecWorld 2017) ☆65 · Updated 8 years ago
- A live dashboard for a real-time overview of threat intelligence from MISP instances ☆204 · Updated 2 years ago
- Download a list of suspected malicious IPs and Domains. Create a QRadar Reference Set. Search Your Environment For Malicious IPs ☆69 · Updated 4 years ago
- Integrating Sysinternals Autoruns' logs into Security Onion ☆31 · Updated last year
- Cyber Defence Monitoring Course Suite :: Suricata, Arkime (and others in the past) ☆107 · Updated last year
- WebUI of MineMeld ☆43 · Updated 2 years ago
- DynamiteNSM is a free Network Security Monitor developed by Dynamite Analytics to enable network visibility and advanced cyber threat det… ☆171 · Updated 2 years ago
- Automate your MISP installs ☆68 · Updated 5 years ago
- Tools for the Computer Incident Response Team ☆148 · Updated 8 years ago
- Dovehawk is a Zeek module that automatically imports MISP indicators and reports Sightings ☆122 · Updated 4 years ago
- The default package source of the Zeek Package Manager. Wrote a package? See the README for how to get it included. ☆143 · Updated this week
- Script to perform bulk local GeoIP lookups (ASN and geo) for IP addresses ☆102 · Updated 5 years ago
- This program exports the MITRE ATT&CK framework into an ELK dashboard ☆80 · Updated 3 years ago
- Threat Intelligence with Elastic: MineMeld integration with Elasticsearch ☆19 · Updated 4 years ago
- A lightweight tool to load Windows Event Log evtx files into Elasticsearch. ☆119 · Updated 5 years ago
- The OTX Suricata Rule Generator can be used to create the rules and configuration for Suricata to alert on indicators from your OTX accou… ☆112 · Updated last year
- Mapping NSM rules to MITRE ATT&CK ☆73 · Updated 5 years ago
- Bluewall is a firewall framework designed for offensive and defensive cyber professionals. ☆106 · Updated 6 years ago
- Primary data pipelines for intrusion detection, security analytics and threat hunting ☆85 · Updated 3 years ago
- A RESTful API frontend for Stenographer ☆54 · Updated 3 years ago