DanielSchwartz1 / SplunkForPCAP
The PCAP Analyzer for Splunk includes useful dashboards to analyze network packet capture files from Wireshark or Network Monitor (.pcap) and network streaming data (Splunk App for Stream). The App includes dashboards which will show you: - The Top Talker IPs, Protocols, VLANs, Conversations - Detailed overview about IP Conversations, Packet L…
☆43, updated last year
Alternatives and similar repositories for SplunkForPCAP:
Users that are interested in SplunkForPCAP are comparing it to the libraries listed below
- Bro IDS + ELK Stack to detect and block data exfiltration (☆46, updated 6 years ago)
- WebUI of MineMeld (☆43, updated 2 years ago)
- Integrating Sysinternals Autoruns’ logs into Security Onion (☆31, updated last year)
- Threat Intelligence with Elastic - Minemeld integration with Elasticsearch (☆19, updated 3 years ago)
- Powershell collection designed to assist in Threat Hunting Windows systems. (☆27, updated 6 years ago)
- Bro script package to create JSON formatted logs to stream into data analysis systems. (☆28, updated last year)
- Integrate Zeek with Alienvault OTX (☆25, updated 4 years ago)
- This repository contains all the config files and scripts used for our Open Source Endpoint monitoring project. (☆34, updated 5 years ago)
- Presentation Slides and Video links (☆32, updated 3 years ago)
- A website and framework for testing NIDS detection (☆57, updated 3 years ago)
- A few scripts I put together for testing purposes and to automate a few capabilities while doing IR. These scripts are also part of my bl… (☆54, updated 7 years ago)
- The Bro/Zeek language cheat sheet (☆52, updated 12 years ago)
- Splunk App to assist Sysmon Threat Hunting (☆38, updated 8 years ago)
- Top DNS Measurement for Bro (☆11, updated 4 years ago)
- MineMeld nodes for MISP (☆19, updated last year)
- Deploy MISP Project software with Vagrant. (☆43, updated 4 years ago)
- Sysmon Splunk App (☆46, updated 6 years ago)
- Security Onion Elastic Stack (☆46, updated 4 years ago)
- Utility for parsing Bro log files into CSV or JSON format (☆41, updated 2 years ago)
- Exports MISP events to STIX and ingest into McAfee ESM (☆15, updated 5 years ago)
- A Python application to filter and transfer Zeek logs to Elastic/OpenSearch+Humio. This app can also output pure JSON logs to stdout for… (☆35, updated 2 years ago)
- Build your own threat hunting maturity model (☆11, updated 7 years ago)
- Kibana 6 Templates for Suricata IDPS Threat Hunting (☆24, updated 6 years ago)
- YETI (Your Everyday Threat Intelligence) Integration to Elastic Stack (☆16, updated 4 years ago)
- Primary data pipelines for intrusion detection, security analytics and threat hunting (☆86, updated 3 years ago)