HASecuritySolutions / LogstashLinks
Contains Logstash related content including tons of Logstash configurations
☆253Updated 3 years ago
Alternatives and similar repositories for Logstash
Users that are interested in Logstash are comparing it to the libraries listed below
Sorting:
- Mark Baggett's (@MarkBaggett - GSE #15, SANS SEC573 Author) tool for detecting randomness using NLP techniques rather than pure entropy c…☆125Updated 2 years ago
- Documentation of Cortex☆174Updated last year
- ☆216Updated last year
- Threat Feed Aggregation, Made Easy☆168Updated 4 years ago
- ☆131Updated last year
- Documentation of TheHive☆397Updated last year
- Splunk code (SPL) for serious threat hunters and detection engineers.☆276Updated last year
- Python API Client for TheHive☆226Updated this week
- Carbon Black API - Python language bindings☆145Updated 9 months ago
- Samples code that uses QRadar API's☆203Updated 5 years ago
- ELK configuration files for Forensic Analysts and Incident Handlers (unmaintained)☆179Updated 5 years ago
- ☆120Updated 3 years ago
- Graylog Processing Pipeline functions to enrich log messages with IoC information from threat intelligence databases☆154Updated last year
- Subscribe to raw VMware Carbon Black EDR event feed and forward to another system, such as Splunk.☆73Updated last year
- SIGMA UI is a free open-source application based on the Elastic stack and Sigma Converter (sigmac)☆188Updated 4 years ago
- Main MineMeld documentation repo☆379Updated 7 years ago
- Engine of MineMeld☆140Updated 2 years ago
- CIF v3 -- the fastest way to consume threat intelligence☆182Updated 2 years ago
- Automated Use Case Testing☆167Updated 7 years ago
- Automated deployment scripts for the RockNSM network hunting distribution.☆453Updated last year
- A Splunk app to use MISP in background☆110Updated this week
- ATT&CK Remote Threat Hunting Incident Response☆200Updated 5 months ago
- Windows Event Forwarding subscriptions, configuration files and scripts that assist with implementing ACSC's protect publication, Technic…☆219Updated 3 months ago
- Automated Docker MISP container - Malware Information Sharing Platform and Threat Sharing☆175Updated 4 years ago
- A threat hunting / data analysis environment based on Python, Pandas, PySpark and Jupyter Notebook.☆246Updated 3 years ago
- A datasource assessment on an event level to show potential coverage or the MITRE ATT&CK framework☆352Updated 4 years ago
- Cyber Analytics Platform and Examination System (CAPES) Project Page☆60Updated 5 years ago
- Hackish nonsense to interact with the MITRE ATT&CK API via Python☆16Updated 4 years ago
- MISP Docker (XME edition)☆282Updated last year
- Security Monitoring Resolution Categories☆138Updated 3 years ago