MrM8BRH / Splunk
This repository is a comprehensive collection of resources, documentation, apps, and add-ons related to Splunk, a powerful data analytics and monitoring platform. The repository contains several Markdown files and other that provide valuable information and instructions for various aspects of working with Splunk.
☆21Updated this week
Alternatives and similar repositories for Splunk:
Users that are interested in Splunk are comparing it to the libraries listed below
- A list of Splunk queries that I've collected and used over time.☆76Updated 4 years ago
- SPL cheatsheet for Splunk.☆21Updated 2 years ago
- This repository contains Splunk queries to hunt some anomalies☆39Updated 2 years ago
- Microsoft Sentinel, Defender for Endpoint - KQL Detection Packs☆52Updated last year
- links collected from SOC Core Skills class☆85Updated 4 years ago
- Security Scripts and Sources for daily usage.☆55Updated last week
- This is the One Stop place where you can several Detection Rules which can help you to kick start your journey on SIEM, SOC work.☆38Updated 3 years ago
- ☆57Updated last year
- ☆42Updated 2 years ago
- Some important DFIR Resources☆83Updated 2 years ago
- ☆57Updated 3 years ago
- Tools for simulating threats☆183Updated last year
- Cybersecurity Incident Response Plan☆89Updated 4 years ago
- This is the One Stop place where you can find almost all of your Tools of Requirements in DFIR☆77Updated 3 years ago
- MISP to Sentinel integration☆63Updated 4 months ago
- Distribution of the SANS SEC504 Windows Cheat Sheet Lab☆69Updated 4 years ago
- Practical Threat Detection Engineering, Published by Packt☆66Updated last year
- These are open source rules that can be utilized with QRadar to detect various types of threats in the environment.☆54Updated 5 years ago
- A collection of various SIEM rules relating to malware family groups.☆65Updated 9 months ago
- SentinelOne STAR Rules☆58Updated last month
- A browser extension for threat hunting that provides one UI for different SIEMs/EDRs and simplifies investigation☆77Updated 10 months ago
- Incident Response documents and tooling☆69Updated last year
- ☆9Updated 2 years ago
- Run Velociraptor on Security Onion☆37Updated 2 years ago
- ☆72Updated 5 months ago
- Incident Response Methodologies (IRM), also called Incident Playbook, based on the work done by the CERT Societe General☆23Updated 3 years ago
- Conference presentations☆47Updated last year
- Quick SOC L1 ticket structure☆35Updated 5 years ago
- Awesome Splunk SPL hunt queries that can be used to detect the latest vulnerability exploitation attempts & subsequent compromise☆61Updated 10 months ago
- Reflex SOAR☆12Updated 2 years ago