PolitoInc / DNS-ELKLinks
Experimental DNS logs pipeline based on Pi-hole dnsmasq logs, ELK stack, and Filebeat. Sample configs included.
☆30Updated last year
Alternatives and similar repositories for DNS-ELK
Users that are interested in DNS-ELK are comparing it to the libraries listed below
Sorting:
- Logstash Configuration for Linux Logs (Authentication, Apache, Mail)☆93Updated 5 years ago
- Graylog Processing Pipeline functions to enrich log messages with IoC information from threat intelligence databases☆154Updated last year
- Configuration for a Palo Alto Networks fed ELK Stack with Visualizations☆73Updated 6 years ago
- Contains Logstash related content including tons of Logstash configurations☆254Updated 3 years ago
- Dashboards and loader for ROCK NSM dashboards☆49Updated 2 years ago
- Logstash configuration for pfSense syslog events.☆92Updated last year
- Example configuration files for Logstash☆44Updated 5 years ago
- SIAC is an enterprise SIEM built on open-source technology.☆115Updated 6 years ago
- DynamiteNSM is a free Network Security Monitor developed by Dynamite Analytics to enable network visibility and advanced cyber threat det…☆171Updated 2 years ago
- Alert Wizard plugin for Graylog to manage the alert rules☆49Updated last month
- bro on debian with elasticsearch support☆24Updated 8 years ago
- Threat Intelligence with Elastic - Minemeld integration with Elasticsearch☆19Updated 4 years ago
- A search command for Splunk which will allow you to search Elastic Search and display the results in the Splunk GUI☆69Updated 8 years ago
- ☆38Updated 5 years ago
- Translate an ECS mapping CSV to starter pipelines for Beats, Elasticsearch or Logstash☆54Updated 3 years ago
- Bro script package to create JSON formatted logs to stream into data analysis systems.☆28Updated last year
- Ansible playbook for installing MineMeld on Linux☆48Updated 4 years ago
- Alert notification plugin for Graylog to generate log messages from alerts☆25Updated last month
- Splunk Alert Manager with advanced reporting on alerts, workflows (modify assignee, status, severity) and auto-resolve features☆81Updated 3 years ago
- ☆17Updated 5 years ago
- MineMeld nodes for MISP☆19Updated last year
- WebUI of MineMeld☆43Updated 2 years ago
- Enterprise Log Search and Archive☆209Updated 6 years ago
- PANW Firewall Visualisations using Elastic Stack☆91Updated 2 years ago
- ioc2rpz is a place where threat intelligence meets DNS.☆110Updated 6 months ago
- Fortinet products logs to Elasticsearch☆98Updated last month
- This package allows the use of a custom Elastalert Alert which creates alerts with observables in TheHive using TheHive4Py.☆27Updated 4 years ago
- Script to perform bulk local GeoIP lookups (ASN and geo) for IP addresses☆101Updated 5 years ago
- ELK configuration files for Forensic Analysts and Incident Handlers (unmaintained)☆179Updated 6 years ago
- Engine of MineMeld☆141Updated 2 years ago