Parse wazuh[HIDS] alerts into ECS mapping using Filebeat
☆28Jul 21, 2020Updated 5 years ago
Alternatives and similar repositories for wazuh-ecs
Users that are interested in wazuh-ecs are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Threat Intelligence with Elastic - Minemeld integration with Elasticsearch☆19May 11, 2021Updated 5 years ago
- A Sigma to Wazuh / OSSEC converter including a generated Windows Sysmon ruleset☆40Jun 8, 2020Updated 6 years ago
- Translate an ECS mapping CSV to starter pipelines for Beats, Elasticsearch or Logstash☆53Mar 9, 2022Updated 4 years ago
- Wazuh integration TheHive☆42Feb 21, 2023Updated 3 years ago
- A Ruleset to enhance detection capabilities of Ossec using Sysmon☆97Apr 13, 2022Updated 4 years ago
- Managed Database hosting by DigitalOcean • AdPostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
- Mapping Corelight or Zeek data to Elastic Common Schema fields☆33May 23, 2026Updated 3 weeks ago
- Automated Real-Time Threat Hunting with ATD, Active Response and Elasticsearch/Kibana☆10Aug 17, 2018Updated 7 years ago
- ☆21Apr 30, 2020Updated 6 years ago
- Wazuh - Splunk App☆57Sep 17, 2024Updated last year
- TAXII 2.0 Server implemented in Node JS with MongoDB backend☆12Jan 3, 2023Updated 3 years ago
- Parse Suricata rules☆14Aug 1, 2023Updated 2 years ago
- Security Onion Elastic Stack☆46Feb 1, 2021Updated 5 years ago
- Useful scripts for those administering Wazuh☆97Jan 6, 2026Updated 5 months ago
- Wazuh REST API in Go☆16Dec 15, 2023Updated 2 years ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- NIST based open source security automation delivered as AWS cloudformation☆21Jan 8, 2020Updated 6 years ago
- Basic c2-matrix analysis enviroment using Suricata + Wazuh + Elastic stack☆13Apr 18, 2020Updated 6 years ago
- Wazuh - RESTful API☆80Sep 17, 2024Updated last year
- ☆13Feb 25, 2021Updated 5 years ago
- A Zeek Network Security Monitor tutorial that will cover the basics of creating a Zeek instance on your network in addition to all of the…☆61Nov 26, 2025Updated 6 months ago
- This script is to build Wazuh 4.3 environment☆12May 30, 2022Updated 4 years ago
- A few quick recipes for those that do not have much time during the day☆22Oct 28, 2024Updated last year
- Zeek Training Materials/Products☆44Apr 21, 2026Updated last month
- Wazuh - Amazon AWS Cloudformation☆45Jul 26, 2023Updated 2 years ago
- Wordpress hosting with auto-scaling - Free Trial Offer • AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- ☆12Jan 28, 2020Updated 6 years ago
- A simple way of detecting multithreaded exfiltration in Zeek.☆15May 1, 2025Updated last year
- Vulnerability Assessment Module - OpenVas with Elastic stack using VulnWhisperer☆20Jun 11, 2019Updated 7 years ago
- Filebeat module for Squid access.log + Kibana dashboards. ELK 7.x☆17Sep 19, 2020Updated 5 years ago
- Import specific data sources into the Sigma generic and open signature format.☆79May 6, 2022Updated 4 years ago
- Tools for Wazuh by Juan C. Tello☆16Jan 13, 2022Updated 4 years ago
- Cyber threat intelligence crates for Rust☆16Jan 22, 2024Updated 2 years ago
- A script to create and assign SOP tasks into the cases☆20Aug 16, 2020Updated 5 years ago
- RPM packages for MISP☆41Updated this week
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- A set of zeek scripts providing a module for tracking and correlating abnormal DNS behavior.☆35Jan 4, 2025Updated last year
- Web UI for testing Elastic Beats processors☆18Feb 22, 2026Updated 3 months ago
- This package allows the use of a custom Elastalert Alert which creates alerts with observables in TheHive using TheHive4Py.☆26May 18, 2021Updated 5 years ago
- ☆38Oct 23, 2019Updated 6 years ago
- ☆21Oct 17, 2021Updated 4 years ago
- ☆12Apr 23, 2020Updated 6 years ago
- Quick and Dirty full-connect scanner. Meant for when `nmap -Pn -p-` is too slow☆20Jul 1, 2016Updated 9 years ago