HASecuritySolutions / LogstashLinks
Contains Logstash related content including tons of Logstash configurations
☆254Updated 4 years ago
Alternatives and similar repositories for Logstash
Users that are interested in Logstash are comparing it to the libraries listed below
Sorting:
- Main MineMeld documentation repo☆378Updated 8 years ago
- Mark Baggett's (@MarkBaggett - GSE #15, SANS SEC573 Author) tool for detecting randomness using NLP techniques rather than pure entropy c…☆128Updated 2 years ago
- ☆219Updated last year
- Documentation of TheHive☆400Updated 2 years ago
- Documentation of Cortex☆175Updated 2 years ago
- Python API Client for TheHive☆231Updated this week
- ☆133Updated last year
- Carbon Black API - Python language bindings☆145Updated last year
- Automated deployment scripts for the RockNSM network hunting distribution.☆456Updated 2 years ago
- Samples code that uses QRadar API's☆208Updated 5 years ago
- Splunk code (SPL) for serious threat hunters and detection engineers.☆287Updated last year
- SELinux Policy for Splunk☆56Updated 6 years ago
- ☆122Updated 3 years ago
- Cisco eStreamer client☆24Updated 3 years ago
- Engine of MineMeld☆140Updated 2 years ago
- A threat hunting / data analysis environment based on Python, Pandas, PySpark and Jupyter Notebook.☆247Updated 4 years ago
- Threat Feed Aggregation, Made Easy☆168Updated 5 years ago
- A Splunk app to use MISP in background☆111Updated last week
- Risk Based Alerting Supporting Add-On (SA) for Splunk☆45Updated 3 years ago
- Automated Use Case Testing☆168Updated 7 years ago
- This is a repository for freq.py and freq_server.py☆210Updated 5 years ago
- CASCADE Server☆272Updated 2 years ago
- User guide of MISP☆275Updated 9 months ago
- Graylog Processing Pipeline functions to enrich log messages with IoC information from threat intelligence databases☆155Updated last year
- Incident Response Hierarchy of Needs☆463Updated 2 years ago
- ELK configuration files for Forensic Analysts and Incident Handlers (unmaintained)☆179Updated 6 years ago
- Evolving directions on building the best Open Source Forensics VM☆161Updated 7 years ago
- Synapse: a Meta Alert Feeder for TheHive, a Security Incident Response Platform☆71Updated 2 years ago
- Subscribe to raw VMware Carbon Black EDR event feed and forward to another system, such as Splunk.☆73Updated last year
- CrowdStrike Falcon Orchestrator provides automated workflow and response capabilities☆187Updated last year