A standard for reducing log volume without sacrificing analytical capability
☆214Feb 21, 2025Updated last year
Alternatives and similar repositories for LogSlash
Users that are interested in LogSlash are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Substation is a toolkit for routing, normalizing, and enriching security event and audit logs.☆393Jan 20, 2026Updated 2 months ago
- A repository to share publicly available Velociraptor detection content☆196Mar 15, 2026Updated last week
- Transform Linux Audit logs for SIEM usage☆821Mar 5, 2026Updated 2 weeks ago
- DFF (Digital Forensics Framework)☆11Jan 6, 2021Updated 5 years ago
- A repository hosting example goodware evtx logs containing sample software installation and basic user interaction☆88Mar 11, 2026Updated last week
- OCSF Schema☆801Updated this week
- Production-ready detection & response queries for osquery☆602Aug 13, 2025Updated 7 months ago
- Open source security data lake for threat hunting, detection & response, and cybersecurity analytics at petabyte scale on AWS☆1,662Jan 8, 2025Updated last year
- An extension of the sigma standard to include security metrics.☆16May 18, 2023Updated 2 years ago
- A web scraper to create MISP events and reports☆17Jun 30, 2025Updated 8 months ago
- Adversarial Interception Mission Oriented Discovery and Disruption Framework, or AIMOD2, is a structured threat hunting approach to proac…☆90Sep 16, 2023Updated 2 years ago
- Real-time, container-based file scanning at enterprise scale☆978Mar 6, 2026Updated 2 weeks ago
- SIEGMA - Transform Sigma rules into SIEM consumables☆159Mar 10, 2025Updated last year
- Tenzir is the data pipeline engine for security teams.☆730Updated this week
- MDE relies on some of the Audit settings to be enabled☆100Jul 15, 2022Updated 3 years ago
- YARI is an interactive debugger for YARA Language.☆90Sep 10, 2025Updated 6 months ago
- Python library to parse and convert Sigma rules into queries (and whatever else you could imagine)☆536Updated this week
- A PowerShell module for acquisition of data from Microsoft 365 and Azure for Incident Response and Cyber Security purposes.☆776Mar 3, 2026Updated 3 weeks ago
- Mapping the ATT&CK matrix in a Cowrie honeypot☆16Aug 31, 2018Updated 7 years ago
- Zeek Extension to Collect Metadata for Profiling of Endpoints and Proxies☆40Sep 2, 2025Updated 6 months ago
- This is a collection of threat detection rules / rules engines that I have come across.☆297May 5, 2024Updated last year
- Open Source Security Events Metadata (OSSEM)☆1,289Feb 27, 2023Updated 3 years ago
- YARA rule analyzer to improve rule quality and performance☆113Jan 18, 2026Updated 2 months ago
- Golang io/fs implementation for Google Cloud Storage☆12Jan 20, 2024Updated 2 years ago
- Sysmon event simulation utility which can be used to simulate the attacks to generate the Sysmon Event logs for testing the EDR detection…☆864Jan 20, 2022Updated 4 years ago
- Kestrel threat hunting language: building reusable, composable, and shareable huntflows across different data sources and threat intel.☆325Sep 27, 2024Updated last year
- Audit log wall of shame.☆42Aug 20, 2025Updated 7 months ago
- Collaborative Incident Response platform☆1,446Feb 16, 2026Updated last month
- OCSF Schema Validation☆12Dec 13, 2024Updated last year
- Synapse Central Intelligence System☆435Updated this week
- The Threat Hunting In Rapid Iterations (THIRI) Jupyter notebook is designed as a research aide to let you rapidly prototype threat huntin…☆154Apr 25, 2022Updated 3 years ago
- pyJARM is a library for doing JARM fingerprinting using python☆50Mar 23, 2025Updated last year
- Picatrix is a library designed to help security analysts in a notebook environment, such as colab or jupyter.☆52Mar 26, 2025Updated 11 months ago
- Elastic Security detection content for Endpoint☆1,389Mar 16, 2026Updated last week
- Automatic detection engineering technical state compliance☆55Jul 7, 2024Updated last year
- Detection Ideas & Rules repository.☆178Sep 10, 2021Updated 4 years ago
- ⚠️ ARCHIVED**: This repository is no longer actively maintained. All Sigma rules are now managed and available in SIEM Rules☆12Updated this week
- Vulnerability-Lookup facilitates quick correlation of vulnerabilities from various sources, independent of vulnerability IDs, and streaml…☆489Updated this week
- ☆2,525Updated this week