HKcyberstark / wazuh-ecsView external linksLinks
Parse wazuh[HIDS] alerts into ECS mapping using Filebeat
☆28Jul 21, 2020Updated 5 years ago
Alternatives and similar repositories for wazuh-ecs
Users that are interested in wazuh-ecs are comparing it to the libraries listed below
Sorting:
- Threat Intelligence with Elastic - Minemeld integration with Elasticsearch☆19May 11, 2021Updated 4 years ago
- Active Response plugin. Osquery to execute wazuh/ossec active response plugins. You can write your own plugins, easy to plug☆11Jun 20, 2020Updated 5 years ago
- Converts Netwitness log parser configuration to Logstash configuration☆20Sep 10, 2020Updated 5 years ago
- Wazuh integration TheHive☆41Feb 21, 2023Updated 2 years ago
- ☆22Mar 1, 2022Updated 3 years ago
- Automated Real-Time Threat Hunting with ATD, Active Response and Elasticsearch/Kibana☆10Aug 17, 2018Updated 7 years ago
- Sysmon and wazuh integration with Sigma sysmon rules [updated]☆71Jul 21, 2021Updated 4 years ago
- ☆13Feb 25, 2021Updated 4 years ago
- Parse Suricata rules☆13Aug 1, 2023Updated 2 years ago
- Tools to integrate 2 great security tools OPNsense and Wazuh☆31Aug 26, 2021Updated 4 years ago
- ☆12Apr 23, 2020Updated 5 years ago
- A simple way of detecting multithreaded exfiltration in Zeek.☆15May 1, 2025Updated 9 months ago
- Basic c2-matrix analysis enviroment using Suricata + Wazuh + Elastic stack☆12Apr 18, 2020Updated 5 years ago
- ☆12Jan 28, 2020Updated 6 years ago
- A Ruleset to enhance detection capabilities of Ossec using Sysmon☆95Apr 13, 2022Updated 3 years ago
- YETI (Your Everyday Threat Intelligence) Integration to Elastic Stack☆16Jan 6, 2021Updated 5 years ago
- A Zeek Network Security Monitor tutorial that will cover the basics of creating a Zeek instance on your network in addition to all of the…☆62Nov 26, 2025Updated 2 months ago
- Ansible role to install auditbeat for security monitoring. (Ruleset included)☆16Nov 16, 2023Updated 2 years ago
- A set of zeek scripts providing a module for tracking and correlating abnormal DNS behavior.☆36Jan 4, 2025Updated last year
- Collection of Jupyter Notebook for Threat Hunting and Blue Team Purposes☆22Jun 15, 2022Updated 3 years ago
- NIST based open source security automation delivered as AWS cloudformation☆19Jan 8, 2020Updated 6 years ago
- Web UI for testing Elastic Beats processors☆18Feb 10, 2026Updated last week
- Security Onion Elastic Stack☆46Feb 1, 2021Updated 5 years ago
- Ansible playbook for installing MineMeld on Linux☆48Mar 18, 2021Updated 4 years ago
- Filebeat module for Squid access.log + Kibana dashboards. ELK 7.x☆17Sep 19, 2020Updated 5 years ago
- Useful scripts for those administering Wazuh☆91Jan 6, 2026Updated last month
- A script to create and assign SOP tasks into the cases☆20Aug 16, 2020Updated 5 years ago
- Vulnerability Assessment Module - OpenVas with Elastic stack using VulnWhisperer☆19Jun 11, 2019Updated 6 years ago
- Quick and Dirty full-connect scanner. Meant for when `nmap -Pn -p-` is too slow☆20Jul 1, 2016Updated 9 years ago
- Wazuh - RESTful API☆80Sep 17, 2024Updated last year
- A few quick recipes for those that do not have much time during the day☆22Oct 28, 2024Updated last year
- ☆21Apr 30, 2020Updated 5 years ago
- This repository contains a few examples of actions that can be added to rules within Elastic Security.☆24Feb 6, 2025Updated last year
- This package allows the use of a custom Elastalert Alert which creates alerts with observables in TheHive using TheHive4Py.☆27May 18, 2021Updated 4 years ago
- Fortinet products logs to Elasticsearch☆103Updated this week
- Tool for managing Zeek deployments.☆60Jan 27, 2026Updated 3 weeks ago
- Code for try.zeek.org.☆18Feb 7, 2026Updated last week
- Wazuh - Splunk App☆56Sep 17, 2024Updated last year
- ☆20Jan 20, 2023Updated 3 years ago