Graylog2 / graylog-plugin-threatintelLinks
Graylog Processing Pipeline functions to enrich log messages with IoC information from threat intelligence databases
☆154Updated last year
Alternatives and similar repositories for graylog-plugin-threatintel
Users that are interested in graylog-plugin-threatintel are comparing it to the libraries listed below
Sorting:
- ☆141Updated last year
- Engine of MineMeld☆140Updated 2 years ago
- Evolving directions on building the best Open Source Forensics VM☆160Updated 6 years ago
- Simple block lists hub for PAN-OS DBL feature☆35Updated 6 years ago
- Dashboards and loader for ROCK NSM dashboards☆48Updated 2 years ago
- Grabs the administrator and authentication logs from the Duo Security API and sends CEF-formatted syslog.☆28Updated 8 years ago
- Automated deployment scripts for the RockNSM network hunting distribution.☆454Updated last year
- A Simple QUEry and Report Tool☆142Updated 5 years ago
- The Phishing Intelligence Engine - An Active Defense PowerShell Framework for Phishing Defense with Office 365☆180Updated 5 years ago
- Check_ioc is a script to check for various, selectable indicators of compromise on Windows systems via PowerShell and Event Logs. It was …☆77Updated 7 years ago
- CIF v3 -- the fastest way to consume threat intelligence☆182Updated 2 years ago
- SIAC is an enterprise SIEM built on open-source technology.☆114Updated 6 years ago
- WebUI of MineMeld☆43Updated 2 years ago
- Sandia Cyber Omni Tracker (SCOT)☆247Updated 7 months ago
- Cyber Analytics Platform and Examination System (CAPES) Project Page☆60Updated 5 years ago
- Enterprise Log Search and Archive☆210Updated 6 years ago
- Repo for autosnort scripts.☆158Updated 4 years ago
- ELK configuration files for Forensic Analysts and Incident Handlers (unmaintained)☆179Updated 5 years ago
- Main MineMeld documentation repo☆379Updated 7 years ago
- Threat Feed Aggregation, Made Easy☆168Updated 4 years ago
- Docker container for MISP☆96Updated 6 years ago
- Serverless, low cost, threat intel aggregation for enterprise or personal use, backed by ElasticSearch.☆141Updated 2 years ago
- Example configuration files for Logstash☆44Updated 5 years ago
- Vulnerability Data in ES☆146Updated 7 years ago
- Automatic firewall rule orchestator.☆83Updated 7 years ago
- CrowdStrike Falcon Orchestrator provides automated workflow and response capabilities☆186Updated last year
- ☆49Updated 4 years ago
- A tool for analyzing firewall rules☆156Updated 7 years ago
- Miscelaneous useful scripts for my day to day projects☆124Updated 4 years ago
- Threat Analysis, Reconnaissance, and Data Intelligence System☆125Updated 9 years ago