Parse wazuh[HIDS] alerts into ECS mapping using Filebeat
☆27Jul 21, 2020Updated 5 years ago
Alternatives and similar repositories for wazuh-ecs
Users that are interested in wazuh-ecs are comparing it to the libraries listed below
Sorting:
- Threat Intelligence with Elastic - Minemeld integration with Elasticsearch☆19May 11, 2021Updated 4 years ago
- Active Response plugin. Osquery to execute wazuh/ossec active response plugins. You can write your own plugins, easy to plug☆11Jun 20, 2020Updated 5 years ago
- A Sigma to Wazuh / OSSEC converter including a generated Windows Sysmon ruleset☆39Jun 8, 2020Updated 5 years ago
- Mapping Corelight or Zeek data to Elastic Common Schema fields☆33Nov 3, 2025Updated 4 months ago
- Converts Netwitness log parser configuration to Logstash configuration☆20Sep 10, 2020Updated 5 years ago
- Wazuh - Chef cookbooks☆24Jul 26, 2023Updated 2 years ago
- Wazuh integration TheHive☆41Feb 21, 2023Updated 3 years ago
- ☆22Mar 1, 2022Updated 4 years ago
- Automated Real-Time Threat Hunting with ATD, Active Response and Elasticsearch/Kibana☆10Aug 17, 2018Updated 7 years ago
- Sysmon and wazuh integration with Sigma sysmon rules [updated]☆72Jul 21, 2021Updated 4 years ago
- Go command line app to exploit file upload vulnerability☆12Feb 8, 2017Updated 9 years ago
- ☆13Feb 25, 2021Updated 5 years ago
- Tools to integrate 2 great security tools OPNsense and Wazuh☆31Aug 26, 2021Updated 4 years ago
- A simple way of detecting multithreaded exfiltration in Zeek.☆15May 1, 2025Updated 10 months ago
- ☆12Apr 23, 2020Updated 5 years ago
- ☆12Jan 28, 2020Updated 6 years ago
- Basic c2-matrix analysis enviroment using Suricata + Wazuh + Elastic stack☆12Apr 18, 2020Updated 5 years ago
- Translate an ECS mapping CSV to starter pipelines for Beats, Elasticsearch or Logstash☆53Mar 9, 2022Updated 4 years ago
- A Ruleset to enhance detection capabilities of Ossec using Sysmon☆96Apr 13, 2022Updated 3 years ago
- Zeek Training Materials/Products☆41Feb 2, 2026Updated last month
- Ansible role to install auditbeat for security monitoring. (Ruleset included)☆15Nov 16, 2023Updated 2 years ago
- A Zeek Network Security Monitor tutorial that will cover the basics of creating a Zeek instance on your network in addition to all of the…☆62Nov 26, 2025Updated 3 months ago
- YETI (Your Everyday Threat Intelligence) Integration to Elastic Stack☆16Jan 6, 2021Updated 5 years ago
- A set of zeek scripts providing a module for tracking and correlating abnormal DNS behavior.☆35Jan 4, 2025Updated last year
- NIST based open source security automation delivered as AWS cloudformation☆19Jan 8, 2020Updated 6 years ago
- Web UI for testing Elastic Beats processors☆18Feb 22, 2026Updated 2 weeks ago
- Collection of Jupyter Notebook for Threat Hunting and Blue Team Purposes☆22Jun 15, 2022Updated 3 years ago
- Security Onion Elastic Stack☆46Feb 1, 2021Updated 5 years ago
- Ansible playbook for installing MineMeld on Linux☆47Mar 18, 2021Updated 4 years ago
- Filebeat module for Squid access.log + Kibana dashboards. ELK 7.x☆17Sep 19, 2020Updated 5 years ago
- A script to create and assign SOP tasks into the cases☆20Aug 16, 2020Updated 5 years ago
- Quick and Dirty full-connect scanner. Meant for when `nmap -Pn -p-` is too slow☆20Jul 1, 2016Updated 9 years ago
- Useful scripts for those administering Wazuh☆93Jan 6, 2026Updated 2 months ago
- Suricata LUA scripts to detect CVE-2019-12255, CVE-2019-12256, CVE-2019-12258, and CVE-2019-12260☆19Nov 28, 2019Updated 6 years ago
- Vulnerability Assessment Module - OpenVas with Elastic stack using VulnWhisperer☆19Jun 11, 2019Updated 6 years ago
- Wazuh - RESTful API☆80Sep 17, 2024Updated last year
- ☆21Apr 30, 2020Updated 5 years ago
- A few quick recipes for those that do not have much time during the day☆22Oct 28, 2024Updated last year
- This repository contains a few examples of actions that can be added to rules within Elastic Security.☆24Feb 6, 2025Updated last year