DanielSchwartz1 / SplunkForPCAP
The PCAP Analyzer for Splunk includes dashboards for analyzing network packet capture files from Wireshark or Network Monitor (.pcap) and network streaming data (Splunk App for Stream). The app's dashboards show you:
- The top talker IPs, protocols, VLANs and conversations
- A detailed overview of IP conversations, packet L…
☆42, updated last year
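The summaries named above (top talker IPs, protocols, VLANs, conversations) are what any PCAP analyzer has to derive from the raw capture before a dashboard can show them. The script below is an added example written for this page, not code from SplunkForPCAP or from Splunk; it parses classic libpcap files with the Python standard library only, strips 802.1Q tags to recover the VLAN ID, keys conversations direction-independently, and rejects pcapng input rather than mis-parsing it. The function names and the small capture it builds in memory (addresses from private and documentation ranges) are this example's own assumptions.

```python
"""Top talkers / protocols / VLANs / conversations from a classic .pcap.

Added example for this page, not code from the SplunkForPCAP app. Uses only
the standard library so it runs offline; pcapng files are rejected rather
than mis-parsed. The sample capture at the bottom is constructed in memory.
"""
import socket
import struct
from collections import Counter

IPPROTO_NAMES = {1: "ICMP", 6: "TCP", 17: "UDP"}


def build_pcap(frames):
    """Serialize raw Ethernet frames as a little-endian libpcap file (link type 1)."""
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    for i, frame in enumerate(frames):
        out += struct.pack("<IIII", 1700000000 + i, 0, len(frame), len(frame)) + frame
    return out


def ipv4_frame(src, dst, proto, l4, vlan=None):
    """Ethernet (+ optional 802.1Q tag) / IPv4 frame; checksums are left zero."""
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(l4), 0, 0, 64, proto, 0,
                     socket.inet_aton(src), socket.inet_aton(dst)) + l4
    eth = bytes.fromhex("001122334455") + bytes.fromhex("66778899aabb")
    tag = struct.pack("!HH", 0x8100, vlan) if vlan is not None else b""
    return eth + tag + struct.pack("!H", 0x0800) + ip


def tcp_syn(sport, dport):
    """20-byte TCP header with only the SYN flag set."""
    return struct.pack("!HHIIBBHHH", sport, dport, 0, 0, 0x50, 0x02, 8192, 0, 0)


def udp(sport, dport, data=b""):
    """8-byte UDP header followed by the payload."""
    return struct.pack("!HHHH", sport, dport, 8 + len(data), 0) + data


def iter_frames(pcap):
    """Yield (timestamp, frame) from a classic pcap, honouring the magic's byte order."""
    magic = struct.unpack("<I", pcap[:4])[0]
    if magic == 0xA1B2C3D4:
        endian = "<"
    elif magic == 0xD4C3B2A1:
        endian = ">"
    else:
        raise ValueError("not a classic libpcap file (pcapng is not handled here)")
    if struct.unpack(endian + "IHHiIII", pcap[:24])[6] != 1:
        raise ValueError("only Ethernet (link type 1) captures are handled")
    off = 24
    while off + 16 <= len(pcap):
        ts_sec, ts_usec, incl, _orig = struct.unpack(endian + "IIII", pcap[off:off + 16])
        off += 16
        yield ts_sec + ts_usec / 1e6, pcap[off:off + incl]
        off += incl


def summarize(pcap):
    """Return Counters: bytes per IP, packets per protocol, per VLAN, per conversation."""
    talkers, protos, vlans, convs = Counter(), Counter(), Counter(), Counter()
    for _ts, frame in iter_frames(pcap):
        ethertype = struct.unpack("!H", frame[12:14])[0]
        off, vlan = 14, "untagged"
        if ethertype == 0x8100:          # 802.1Q: VLAN ID is the low 12 bits of the TCI
            tci, ethertype = struct.unpack("!HH", frame[14:18])
            vlan, off = tci & 0x0FFF, 18
        vlans[vlan] += 1
        if ethertype != 0x0800:          # this example summarizes IPv4 only
            protos["non-IPv4"] += 1
            continue
        ihl = (frame[off] & 0x0F) * 4
        proto = IPPROTO_NAMES.get(frame[off + 9], str(frame[off + 9]))
        src = socket.inet_ntoa(frame[off + 12:off + 16])
        dst = socket.inet_ntoa(frame[off + 16:off + 20])
        sport = dport = 0
        if proto in ("TCP", "UDP") and len(frame) >= off + ihl + 4:
            sport, dport = struct.unpack("!HH", frame[off + ihl:off + ihl + 4])
        protos[proto] += 1
        talkers[src] += len(frame)
        talkers[dst] += len(frame)
        # Direction-independent key so both halves of a flow land in one conversation
        convs[tuple(sorted([(src, sport), (dst, dport)])) + (proto,)] += 1
    return talkers, protos, vlans, convs


# Constructed sample: one client talks HTTPS to a server and does a DNS lookup on VLAN 100.
SAMPLE_PCAP = build_pcap([
    ipv4_frame("10.0.0.5", "192.0.2.10", 6, tcp_syn(50000, 443)),
    ipv4_frame("192.0.2.10", "10.0.0.5", 6, tcp_syn(443, 50000)),
    ipv4_frame("10.0.0.5", "10.0.0.53", 17, udp(40000, 53, b"\x00" * 30), vlan=100),
    ipv4_frame("10.0.0.7", "192.0.2.10", 6, tcp_syn(50001, 443)),
])

if __name__ == "__main__":
    talkers, protos, vlans, convs = summarize(SAMPLE_PCAP)
    print("Top talkers (bytes):", talkers.most_common(3))
    print("Protocols:", dict(protos))
    print("VLANs:", dict(vlans))
    for key, n in convs.most_common():
        print(f"{key[0][0]}:{key[0][1]} <-> {key[1][0]}:{key[1][1]} {key[2]} packets={n}")
```

To run it against a real capture, replace `SAMPLE_PCAP` with `open("capture.pcap", "rb").read()`; captures saved by recent Wireshark default to pcapng and must be exported as classic pcap (or converted with `editcap -F pcap`) first, which the magic check enforces instead of silently producing wrong counts.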
Alternatives and similar repositories for SplunkForPCAP:
Users interested in SplunkForPCAP are comparing it to the repositories listed below.
- Bro IDS + ELK Stack to detect and block data exfiltration ☆47, updated 6 years ago
- Security Onion Elastic Stack ☆46, updated 3 years ago
- Build Automated Machine Images for MISP ☆28, updated last year
- Sysmon Splunk App ☆46, updated 6 years ago
- MineMeld nodes for MISP ☆18, updated 11 months ago
- Connect your mail client/infrastructure to MISP in order to create events based on the information contained within mails. ☆69, updated last year
- Exports MISP events to STIX and ingests them into McAfee ESM ☆15, updated 4 years ago
- Presentation Slides and Video links ☆31, updated 3 years ago
- WebUI of MineMeld ☆43, updated last year
- Cyber Analytics Platform and Examination System (CAPES) Project Page ☆60, updated 5 years ago
- Threat Intelligence with Elastic - Minemeld integration with Elasticsearch ☆19, updated 3 years ago
- This is a repository from Adam Swan's and my presentation on Windows Logs Zero 2 Hero. ☆21, updated 6 years ago
- JoeSandbox-Bro is a simple Bro script which extracts files from your internet connection and analyzes them automatically on Joe Sandbox ☆44, updated 5 years ago
- A few scripts I put together for testing purposes and to automate a few capabilities while doing IR. These scripts are also part of my bl… ☆54, updated 6 years ago
- Splunk App to assist Sysmon Threat Hunting ☆38, updated 7 years ago
- A website and framework for testing NIDS detection ☆56, updated 3 years ago
- Potiron - Normalize, Index and Visualize Network Capture ☆83, updated 5 years ago
- The Bro/Zeek language cheat sheet ☆51, updated 11 years ago
- Network Forensics Bro scripts & pcap samples ☆62, updated 10 years ago
- Integrating Sysinternals Autoruns' logs into Security Onion ☆31, updated 10 months ago
- YETI (Your Everyday Threat Intelligence) Integration to Elastic Stack ☆16, updated 4 years ago
- Zeek support for Community ID flow hashing. ☆35, updated last year
- A few quick recipes for those that do not have much time during the day ☆22, updated 2 months ago