PolitoInc / DNS-ELK

Related projects ⓘ

Alternatives and complementary repositories for DNS-ELK

• billmurrin / graylog-plugin-slookup-function
  Stream Lookup function for GrayLog2 Pipeline Processor
  ☆14Updated 3 years ago
• jtschichold / panwdbl
  Simple block lists hub for PAN-OS DBL feature
  ☆35Updated 5 years ago
• rocknsm / rock-dashboards
  Dashboards and loader for ROCK NSM dashboards
  ☆48Updated last year
• HKcyberstark / TI_Mod
  Threat Intelligence with Elastic - Minemeld integration with Elasticsearch
  ☆19Updated 3 years ago
• thomaspatzke / logstash-linux
  Logstash Configuration for Linux Logs (Authentication, Apache, Mail)
  ☆92Updated 5 years ago
• Graylog2 / graylog-plugin-threatintel
  Graylog Processing Pipeline functions to enrich log messages with IoC information from threat intelligence databases
  ☆150Updated 8 months ago
• opc40772 / suricata-graylog
  ☆23Updated 5 years ago
• tcw3bb / ISC_Posts
  Files from my Storm Center Articles
  ☆17Updated 10 months ago
• shadow-box / Palo-Alto-Networks-ELK-Stack
  Configuration for a Palo Alto Networks fed ELK Stack with Visualizations
  ☆74Updated 5 years ago
• siemonster / logstash
  Example configuration files for Logstash
  ☆45Updated 5 years ago
• PaloAltoNetworks / minemeld-webui
  WebUI of MineMeld
  ☆43Updated last year
• Graylog2 / graylog-guide-snort
  How to send structured Snort IDS alert logs into Graylog
  ☆27Updated last year
• danielguerra69 / bro-debian-elasticsearch
  bro on debian with elasticsearch support
  ☆24Updated 7 years ago
• Homas / ioc2rpz
  ioc2rpz is a place where threat intelligence meets DNS.
  ☆106Updated 2 months ago
• PaloAltoNetworks / minemeld-ansible
  Ansible playbook for installing MineMeld on Linux
  ☆48Updated 3 years ago
• PaloAltoNetworks / minemeld-misp
  MineMeld nodes for MISP
  ☆18Updated 10 months ago
• corelight / json-streaming-logs
  Bro script package to create JSON formatted logs to stream into data analysis systems.
  ☆28Updated 11 months ago
• binorassocies / brostash
  brostash: Linux distribution based on Debian and focusing on network security events collection
  ☆34Updated 4 years ago
• corelight / zeek-community-id
  Zeek support for Community ID flow hashing.
  ☆34Updated last year
• clay584 / blacklist_builder
  Fetches multiple blacklists, formats, outputs to text file for use with Palo Alto firewalls (possibly others).
  ☆13Updated 9 years ago
• CityBaseInc / SIAC
  SIAC is an enterprise SIEM built on open-source technology.
  ☆113Updated 6 years ago
• harvard-itsecurity / qradar-seculert-push
  Push "BAD" IPs/Networks into QRadar's "Remote Networks", tag them properly, and use them!
  ☆18Updated 11 years ago
• counteractive / o365beat
  Elastic Beat for fetching and shipping Office 365 audit events
  ☆66Updated 4 years ago
• juju4 / ansible-MISP
  ansible role to setup MISP, Malware Information Sharing Platform & Threat Sharing
  ☆52Updated 2 weeks ago
• tuckner / f5-elk
  Logstash Configs and Kibana Dashboards for F5 LTM & ASM
  ☆16Updated 7 years ago
• sm-biz / paloalto-elasticstack-viz
  PANW Firewall Visualisations using Elastic Stack
  ☆90Updated last year
• StamusNetworks / KTS6
  Kibana 6 Templates for Suricata IDPS Threat Hunting
  ☆25Updated 5 years ago
• ccdcoe / CDMCS
  Cyber Defence Monitoring Course Suite :: Suricata, Arkime (and others in the past)
  ☆100Updated 5 months ago