Graylog2 / graylog-plugin-threatintelLinks
Graylog Processing Pipeline functions to enrich log messages with IoC information from threat intelligence databases
☆154Updated last year
Alternatives and similar repositories for graylog-plugin-threatintel
Users that are interested in graylog-plugin-threatintel are comparing it to the libraries listed below
Sorting:
- ☆141Updated last year
- Evolving directions on building the best Open Source Forensics VM☆160Updated 6 years ago
- CIF v3 -- the fastest way to consume threat intelligence☆182Updated 2 years ago
- Automated deployment scripts for the RockNSM network hunting distribution.☆454Updated last year
- Threat Feed Aggregation, Made Easy☆168Updated 4 years ago
- The Phishing Intelligence Engine - An Active Defense PowerShell Framework for Phishing Defense with Office 365☆180Updated 5 years ago
- ELK configuration files for Forensic Analysts and Incident Handlers (unmaintained)☆179Updated 5 years ago
- Cyber Analytics Platform and Examination System (CAPES) Project Page☆60Updated 5 years ago
- Serverless, low cost, threat intel aggregation for enterprise or personal use, backed by ElasticSearch.☆141Updated 2 years ago
- Suricata Extreme Performance Tuning guide☆209Updated 7 years ago
- A RESTful API frontend for Stenographer☆54Updated 2 years ago
- ☆49Updated 4 years ago
- Dashboards and loader for ROCK NSM dashboards☆48Updated 2 years ago
- A Simple QUEry and Report Tool☆142Updated 5 years ago
- Ansible playbook for installing MineMeld on Linux☆48Updated 4 years ago
- Simple block lists hub for PAN-OS DBL feature☆35Updated 6 years ago
- Sandia Cyber Omni Tracker (SCOT)☆248Updated 7 months ago
- bro on debian with elasticsearch support☆24Updated 8 years ago
- Enterprise Log Search and Archive☆209Updated 6 years ago
- SIAC is an enterprise SIEM built on open-source technology.☆114Updated 6 years ago
- A live dashboard for a real-time overview of threat intelligence from MISP instances☆202Updated last year
- Engine of MineMeld☆140Updated 2 years ago
- Automated Docker MISP container - Malware Information Sharing Platform and Threat Sharing☆175Updated 4 years ago
- Docker container for MISP☆96Updated 7 years ago
- Documentation of Cortex☆174Updated last year
- DEPRECATED - USE v3 (bearded-avenger)☆228Updated 7 years ago
- Grabs the administrator and authentication logs from the Duo Security API and sends CEF-formatted syslog.☆28Updated 8 years ago
- Cyber Defence Monitoring Course Suite :: Suricata, Arkime (and others in the past)☆106Updated last year
- Threat Analysis, Reconnaissance, and Data Intelligence System☆124Updated 9 years ago
- ☆38Updated 6 years ago