Threat Intelligence with Elastic - Minemeld integration with Elasticsearch
☆19May 11, 2021Updated 4 years ago
Alternatives and similar repositories for TI_Mod
Users that are interested in TI_Mod are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Parse wazuh[HIDS] alerts into ECS mapping using Filebeat☆27Jul 21, 2020Updated 5 years ago
- MineMeld nodes for MISP☆19Jan 23, 2024Updated 2 years ago
- Mapping Corelight or Zeek data to Elastic Common Schema fields☆33Mar 16, 2026Updated last week
- Plugin for Kibana Version4.x and 5.x☆13Sep 25, 2017Updated 8 years ago
- A Zeek package for the passive detection of "Ripple20" vulnerabilities in the Treck TCP/IP stack.☆33Jun 29, 2022Updated 3 years ago
- Ansible playbook for installing MineMeld on Linux☆47Mar 18, 2021Updated 5 years ago
- Add POST body excerpt to Bro's HTTP log☆14Dec 10, 2025Updated 3 months ago
- YETI (Your Everyday Threat Intelligence) Integration to Elastic Stack☆16Jan 6, 2021Updated 5 years ago
- A collection of Cortex Analyzers and Responders for TheHive/Cortex☆13Jan 29, 2020Updated 6 years ago
- Parse Suricata rules☆14Aug 1, 2023Updated 2 years ago
- This repository contains all the config files and scripts used for our Open Source Endpoint monitoring project.☆35Jul 8, 2019Updated 6 years ago
- ☆13Feb 25, 2021Updated 5 years ago
- Tachikoma is a security alerting framework for human beings☆22Sep 7, 2018Updated 7 years ago
- A Zeek package that detects Zoom logins and meeting joins☆12Apr 15, 2020Updated 5 years ago
- A Bro package to identify connections that are bursting (lots of data and transferring quickly).☆13Oct 15, 2020Updated 5 years ago
- Ripple20 Critical Vulnerabilities - Detection Logic and Signatures☆12May 28, 2021Updated 4 years ago
- PANW Firewall Visualisations using Elastic Stack☆91Mar 5, 2023Updated 3 years ago
- Some IR notes☆17Jul 2, 2016Updated 9 years ago
- st2 salt integration pack☆13Apr 7, 2024Updated last year
- ☆12Jan 28, 2020Updated 6 years ago
- A simple way of detecting multithreaded exfiltration in Zeek.☆15May 1, 2025Updated 10 months ago
- Zeek package to create JSON formatted logs to stream into data analysis systems.☆30Dec 3, 2025Updated 3 months ago
- RPM packages for MISP☆40Mar 18, 2026Updated last week
- A solution for using the ElastiFlow Unified Collector with the Elastic Stack (Elasticsearch and Kibana).☆26Nov 10, 2025Updated 4 months ago
- ☆14Sep 15, 2017Updated 8 years ago
- Dell Equallogic Template for Zabbix 3.x☆11Jan 4, 2018Updated 8 years ago
- Translate an ECS mapping CSV to starter pipelines for Beats, Elasticsearch or Logstash☆53Mar 9, 2022Updated 4 years ago
- CDIR Analyzer - parsers for data collected by CDIR Collector☆19Dec 11, 2025Updated 3 months ago
- Corelight@Home script☆46Oct 5, 2023Updated 2 years ago
- ☆14Jan 14, 2026Updated 2 months ago
- A script to create and assign SOP tasks into the cases☆20Aug 16, 2020Updated 5 years ago
- Full packet capture with flow cutoff, rotation, and compression☆15Sep 18, 2018Updated 7 years ago
- ☆12Apr 23, 2020Updated 5 years ago
- Zeek Training Materials/Products☆41Mar 12, 2026Updated last week
- Example configuration files for Logstash☆44Oct 30, 2019Updated 6 years ago
- Dovehawk is a Zeek module that automatically imports MISP indicators and reports Sightings☆122Jul 12, 2021Updated 4 years ago
- Repository for SPEED SIEM Use Case Framework☆60May 2, 2020Updated 5 years ago
- ☆39Dec 4, 2023Updated 2 years ago
- ☆16Mar 28, 2019Updated 6 years ago