DanielSchwartz1 / SplunkForPCAP
The PCAP Analyzer for Splunk includes useful Dashboards to analyze network packet capture files from Wireshark or Network Monitor (.pcap) and network streaming data (Splunk App for Stream). The App includes Dashboards which will show you: - The Top Talker IPs, Protocols, VLANs, Conversations - Detailed overview about IP Conversations, Packet L…
☆43, updated last year
Alternatives and similar repositories for SplunkForPCAP
Users that are interested in SplunkForPCAP are comparing it to the libraries listed below
- Security Onion Elastic Stack (☆46, updated 4 years ago)
- A website and framework for testing NIDS detection (☆57, updated 4 years ago)
- automate your MISP installs (☆68, updated 5 years ago)
- WebUI of MineMeld (☆43, updated 2 years ago)
- Download a list of suspected malicious IPs and Domains. Create a QRadar Reference Set. Search Your Environment For Malicious IPs (☆69, updated 4 years ago)
- A collection of notebooks built for defensive and offensive operations. (☆77, updated 5 years ago)
- Threat Hunting with ELK Workshop (InfoSecWorld 2017) (☆65, updated 8 years ago)
- Primary data pipelines for intrusion detection, security analytics and threat hunting (☆87, updated 3 years ago)
- Sysmon Splunk App (☆47, updated 7 years ago)
- Bro IDS + ELK Stack to detect and block data exfiltration (☆46, updated 7 years ago)
- Dovehawk is a Zeek module that automatically imports MISP indicators and reports Sightings (☆122, updated 4 years ago)
- SOC Workflow App helps Security Analysts and Threat Hunters explore suspicious events, look into raw events arriving at the Elastic Stack… (☆93, updated 3 years ago)
- (no description) (☆35, updated 4 years ago)
- MineMeld nodes for MISP (☆19, updated last year)
- A simple Docker container that serves the MITRE ATT&CK Navigator web app (☆27, updated 2 years ago)
- DynamiteNSM is a free Network Security Monitor developed by Dynamite Analytics to enable network visibility and advanced cyber threat det… (☆171, updated 2 years ago)
- A tool to assess data quality, built on top of the awesome OSSEM. (☆79, updated 3 years ago)
- Splunk App to assist Sysmon Threat Hunting (☆38, updated 8 years ago)
- Collection of walkthroughs on various threat hunting techniques (☆75, updated 5 years ago)
- Powershell collection designed to assist in Threat Hunting Windows systems. (☆27, updated 7 years ago)
- Synapse: a Meta Alert Feeder for TheHive, a Security Incident Response Platform (☆71, updated 2 years ago)
- Threat Alert Logic Repository (☆92, updated 6 years ago)
- (no description) (☆50, updated 5 years ago)
- Bluewall is a firewall framework designed for offensive and defensive cyber professionals. (☆106, updated 6 years ago)
- This repository contains advanced threat hunting scripts for Cisco Secure Endpoint API. The scripts leverage the AMP API to hunt for thre… (☆14, updated 4 months ago)
- Expert Investigation Guides (☆51, updated 4 years ago)
- Log Entry to Sigma Rule Converter (☆109, updated 3 years ago)
- Knowledge base workflow management for YARA rules and C2 artifacts (IP, DNS, SSL) (ALPHA STATE AT THE MOMENT) (☆103, updated 3 months ago)
- A lightweight tool to load Windows Event Log evtx files into Elasticsearch. (☆119, updated 4 years ago)
- Integrating Sysinternals Autoruns’ logs into Security Onion (☆31, updated last year)