DavidJBianco / pycef
A very simple CEF parser for Python
☆27Updated 4 years ago
Related projects: ⓘ
- WebUI of MineMeld☆43Updated last year
- Bro scripts for the ROCK platform. http://rocknsm.io☆33Updated last year
- Mapping Corelight or Zeek data to Elastic Common Schema fields☆33Updated 3 weeks ago
- Engine of MineMeld☆141Updated last year
- ☆23Updated 4 years ago
- Dashboards and loader for ROCK NSM dashboards☆47Updated last year
- Flow-Indexer indexes flows found in chunked log files from bro,nfdump,syslog, or pcap files☆44Updated 4 months ago
- Python library for the ArcSight logger REST API☆27Updated 2 years ago
- Bro script package to create JSON formatted logs to stream into data analysis systems.☆27Updated 9 months ago
- A search command for Splunk which will allow you to search Elastic Search and display the results in the Splunk GUI☆67Updated 7 years ago
- ☆48Updated 8 years ago
- Bro/Zeek integration with osquery☆95Updated 3 years ago
- Allows for MAC address to vendor mapping in Splunk☆16Updated 11 months ago
- Dockerfiles for NSM tools☆84Updated 7 years ago
- Cyber Analytics Platform and Examination System (CAPES) Project Page☆60Updated 5 years ago
- Subscribe to raw VMware Carbon Black EDR event feed and forward to another system, such as Splunk.☆73Updated 4 months ago
- ☆16Updated 5 years ago
- MineMeld nodes for MISP☆18Updated 7 months ago
- Allows to pull asset and identity data into Splunk app for Enterprise Security from LDAP and other sources☆27Updated 6 years ago
- A website and framework for testing NIDS detection☆56Updated 3 years ago
- A RESTful API frontend for Stenographer☆54Updated last year
- Prototypes for MineMeld nodes☆39Updated 2 years ago
- Zeek support for Community ID flow hashing.☆32Updated last year
- Contains log parsers for Logstash for many systems and applications. Also contains many methods of augmenting logs.☆55Updated 6 years ago
- Docker files for building Zeek.☆84Updated 11 months ago
- Improvements of/over the original rule2alert☆56Updated 9 years ago
- Logstash configuration files for analyzing various types of logs☆25Updated 7 years ago
- Ansible playbook for installing MineMeld on Linux☆48Updated 3 years ago
- ☆55Updated 2 years ago
- A Splunk app to use MISP in background☆109Updated 9 months ago